In today’s World of WordPress, we dive into a couple of security issues, Automattic’s latest investment, the end of an era at StudioPress, and a new player on the web builder horizon.
There seems always to be an issue with security vulnerabilities. I know many people keep up with them through the Wordfence content.
Enter WebARX. The new platform several have already implemented to help secure their sites is also keeping up with various vulnerability issues.
I had never heard of the "Theme Editor" plugin. I can remember, in times past, editing the theme in that theme editor tied to the WordPress dashboard.
One day, I came to my senses and started editing the actual files using an FTP.
Anyway, according to WebARX,
"Theme editor versions 2.1 and lower are affected by multiple vulnerabilities such as CSRF, insufficient permission checking, arbitrary file upload and the ability to interact with folders/files on the server in most ways you can imagine."
It has since been updated.
It is, of course, always a good idea to keep plugins updated. Naturally, we here use MainWP to manage this process!
Pay attention to your defunct plugins too! Naked Security lets us in on the fact that the makers of Rich Reviews haven't updated in over three years.
Wordfence first disclosed the vulnerability.
According to Naked Security,
"The now-defunct plug-in has a major vulnerability that allows malvertisers to infect sites running WordPress and redirect visitors to other sites."
In this case, users should just uninstall the plugin and look for something different.
The plugin developer has disclosed that they have discontinued the plugin.
Quite possibly, the biggest WordPress news in the last month is that Automattic raised $300M in funding from Salesforce Ventures.
According to an article at Techcrunch, Automattic had a $3 billion post-money valuation. The company which has recently acquired Tumblr and WooCommerce, among others, is getting bigger and adding more value.
It looks like Automattic is seeking a market share similar to Android.
Matt Mullenweg told the Techcrunch author Romain Dillet,
"I think there’s potential to get to a similar market share as Android, which I believe now has 85% of all handsets. When you think about it, open source has a virtuous cycle of adoption, people building on the platform and more adoption."
There was a hint that Automattic will see some integrations from Salesforce. One can only speculate about how this will affect WordPress in the long run.
It is possible that Automattic and WordPress may be setting up to more fully service enterprise-level clients while maintaining its open-source platform for small and medium-sized businesses.
In my early days of WordPress, well, Todd_WordPress 2.0, I came across the Genesis Theme Framework. I cut my teeth, so to speak, on the framework.
I even bought the lifetime deal by StudioPress. I thought I hit the jackpot.
Then, I found friendly folks in the community willing to share and help me along the way.
Next, I worked with an agency, and they used the Genesis Framework too.
So to say I knew about Brian Gardner is an understatement. He was our fearless leader.
Then, I became a fan of Copyblogger, which became very much part of the StudioPress suite of tools when they merged.
I was a full-on fanboy of StudioPress. So, I really appreciate what StudioPress did for me in my early WordPress years.
Last year, WP Engine acquired StudioPress. In the past year, StudioPress has been busy updating its themes and Genesis Frameworks to better work with the newer WordPress.
It seems this is a sign for an exit by Brian Gardner.
In a post on the StudioPress blog, Gardner says,
"I am both sad and relieved to announce that today is the last day of my contract with WP Engine, and therefore my last day with StudioPress."
He says it's not a final goodbye. I hope not.
Justin Tadlock has a nice write up of the departure at WP Tavern.
"He’s unafraid of letting his personal geek flag fly in his online life. He quotes Sarah McLachlan, is a self-affirmed Starbucks addict, runs marathons, and loves family trips to Disney World."
Have you ever used the Genesis Theme Framework?
While Automattic tries to increase even more of the web market share, other players are popping up.
It seems I can't watch a video on Youtube without seeing the interesting ad for Duda, a new website builder platform.
Duda now has $25 million to work with receiving a nice investment from Susquehanna Growth Equity.
According to a TechCrunch article,
"The funding, which brings the Palo Alto-based startup to $50 million raised to date, comes as Duda hits some strong milestones. There have been more than 560,000 websites built on its platform to date from some 6,000 web professionals — a mark of the B2B2C channel that Duda uses to grow (on an average this would work out to around 93 sites per developer or agency)."
Duda certainly may be a good solution for someone creating the same kind of website every time. They are billing themselves as a simpler, easier builder versus WordPress.
It will be interesting to see how much of the market they can gain over the next few years.
The WordPress space is maturing as an industry. Some companies are getting bigger, acquiring other businesses, and receiving investments from venture funds.
Automattic itself is growing. What does all this mean for WordPress?
Only time will tell.
It is always good to keep our eyes open to see what is happening across our industry.
One thing is for sure, the end of an era is the beginning of another. The new era comes with excitement and caution simultaneously.
What do you think about all the changes in the WordPress industry?