WordPress 5.7.1 is now available!
This security and maintenance release features 26 bug fixes in addition to two security fixes. Because this is a security release, it is recommended that you update your sites immediately. All versions since WordPress 4.7 have also been updated.
WordPress 5.7.1 is a short-cycle security and maintenance release. The next major release will be version 5.8.
You can download WordPress 5.7.1 by downloading from WordPress.org, or visit your Dashboard → Updates and click Update Now.
If you have sites that support automatic background updates, they’ve already started the update process.
Security Updates
Two security issues affect WordPress versions between 4.7 and 5.7. If you haven’t yet updated to 5.7, all WordPress versions since 4.7 have also been updated to fix the following security issues:
- Thank you SonarSource for reporting an XXE vulnerability within the media library affecting PHP 8.
- Thanks Mikael Korpela for reporting a data exposure vulnerability within the REST API.
Thank you to all of the reporters for privately disclosing the vulnerabilities. This gave the security team time to fix the vulnerabilities before WordPress sites could be attacked.
Props to Adam Zielinski, Pascal Birchler, Peter Wilson, Juliette Reinders Folmer, Alex Concha, Ehtisham Siddiqui, Timothy Jacobs and the WordPress security team for their work on these issues.
For more information, browse the full list of changes on Trac, or check out the version 5.7.1 HelpHub documentation page.
Thanks and props!
The 5.7.1 release was led by @peterwilsoncc and @audrasjb.
In addition to the security researchers and release squad members mentioned above, thank you to everyone who helped make WordPress 5.7.1 happen:
99w, Adam Silverstein, Andrew Ozz, annalamprou, anotherdave, Ari Stathopoulos, Ayesh Karunaratne, bobbingwide, Brecht, Daniel Richards, David Baumwald, dkoo, Dominik Schilling, dragongate, eatsleepcode, Ella van Durpe, Erik, Fabian Pimminger, Felix Arntz, Florian TIAR, gab81, Gal Baras, Geoffrey, George Mamadashvili, Glen Davies, Greg Ziółkowski, grzim, Ipstenu (Mika Epstein), Jake Spurlock, Jayman Pandya, Jb Audras, Joen A., Johan Jonk Stenström, Johannes Kinast, John Blackbourn, John James Jacoby, Jonathan Desrosiers, Josee Wouters, Joy, k3nsai, Kelly Choyce-Dwan, Kerry Liu, Marius L. J., Mel Choyce-Dwan, Mikhail Kobzarev, mmuyskens, Mukesh Panchal, nicegamer7, Otshelnik-Fm, Paal Joachim Romdahl, palmiak, Pascal Birchler, Peter Wilson, pwallner, Rachel Baker, Riad Benguella, Rinat Khaziev, Robert Anderson, Roger Theriault, Sergey Biryukov, Sergey Yakimov, SirStuey, stefanjoebstl, Stephen Bernhardt, Sumit Singh, Sybre Waaijer, Synchro, Terri Ann, tigertech, Timothy Jacobs, tmatsuur, TobiasBg, Tonya Mork, Toru Miki, Ulrich, and Vlad T.
It started with some fancy Bose headphones being sent out to a select few people who were deemed “influencers” in the WordPress space. From there, it led to some bizarre videos purporting to be from WordPress which stated that competitor Wix was going to start a campaign “trashing” the market-leading content management system (CMS).
Of course, this was all a marketing ploy by Wix, the DIY website provider. The goal is a bit fuzzy, but perhaps it’s to demonstrate its developer-focused features. All the while, it also attempts to make WordPress look like a hot mess.
In response, WordPress co-founder Matt Mullenweg posted his own take on the shenanigans. He mentioned Wix-related customer service issues, alleged code theft and the fact that Wix doesn’t allow users to export their website content for use elsewhere. Subsequently, Wix CEO Avishai Abraham offered an open reply of his own.
Nothing like a good old-fashioned internet fight to get the CMS-wars going! But this isn’t exactly a Coke versus Pepsi type of rivalry. In terms of market share, it’s more like an ant (Wix) flicking a spec of dirt on Godzilla (WordPress).
The WordPress community has reacted with a mix of disdain, bewilderment and amusement. But what does it all mean? Allow me to try and make sense of this free-for-all.
The Attacks Make Wix Look Like a Bully
Competing products go after each other all the time. Everyone from automakers to retailers dig at each other. So, why is this any different?
For one, WordPress is an open-source project. It boasts a very large, active community of users and contributors. People from around the world volunteer their time to keep the project going. Or maybe Wix is talking about the Automattic-owned WordPress.com. But the campaign doesn’t seem to really differentiate between the two.
Wix is a corporately-owned, proprietary system. They sell a service. While they may be considered the “little” guy in the fight, they are far from a penniless or powerless organization.
And it’s the organizational difference that makes Wix look bad. The fact that a for-profit company is going after a free, open-source competitor could be seen as bullying. Almost like a grocery store attacking a food bank.
While Wix has every right to communicate and declare its self-described advantages, the manner in which they’ve chosen to do so seems unnecessarily abrasive. Perhaps it’s a way to get attention. Whether it’s the kind of attention that actually benefits them may be another matter.
WordPress Isn’t Immune to Constructive Criticism
I believe the WordPress community has a right to be on the defensive here. They’ve invested a lot of blood, sweat and tears into the software. That collective effort has created a strong bond amongst users and with WordPress itself.
Therefore, an attack on the CMS is seen as an attack on the community at large. The video portrayal of WordPress as an impersonal, error-prone platform goes against the views and pursuits of many in the community. It infers that the work people have put into the project isn’t good enough. As if contributions to something bigger than oneself is a fool’s errand.
That’s not to say that everything is perfect. WordPress has its own shortcomings and areas that could stand to improve. Like all software, it’s a continual work-in-progress.
If Wix wants to call attention to issues such as plugin conflicts, security problems or maintenance requirements – that’s fair game. A critical eye towards real issues should always be welcomed, whether it’s from a competitor or within the WordPress ecosystem itself.
Competition is often one of the best ways to bring about these types of moments. It provides a crucial opportunity for self-reflection and improvement. Running completely unopposed certainly doesn’t fuel the same kind of evolution.
What Could This Mean for the Future of Both Apps?
The immediate result of this kerfuffle is that Wix gets some attention, while WordPress fans become agitated. In some respects, that could be viewed as a win for the challenger.
Yet the long-term effects will be the true test. Will Wix be able to poach enough users away from WordPress to make this all worth their while?
The market share disparity (41% for WordPress, 1.5% for Wix as of this writing) is massive. This means that, even if a relatively small number of users make the switch, Wix can claim growth. For argument’s sake (and realistic or not), let’s say it’s 1 million websites did so. That number means a whole lot more to Wix (a million paying customers) than it does WordPress.
Meanwhile, it’s hard to imagine that any of these attacks put a significant dent into WordPress’ continued growth. It will stay the market leader by a large margin for the foreseeable future.
Still, when you look at it this way, it’s easy to see why Wix wanted to pick a fight. Will it actually pan out? Time will tell us the answer.
The post Wix Goes After WordPress: One User’s Take appeared first on Speckyboy Design Magazine.