This Month in WordPress: October Roundup
October has been a busy month leading up to the highly anticipated release of WordPress 6.4, scheduled for early November. But before that, we have some news in October to recap.
We saw important updates like the WordPress 6.3.2 security patch and the State of the Word 2023 announcement. At Hostinger, we also rolled out some key product updates for WordPress users.
Let’s get into the WordPress news and updates for October.
Hostinger AI Troubleshooter
We’ve launched the AI Troubleshooter, a new feature in hPanel designed to identify and help you resolve common website errors like 403, 404, 500, and 503. Currently, it’s optimized for WordPress installations. Here’s how to use it:
- Log in to the Hostinger Members Area and access your site’s hPanel.
- Go to WordPress → AI Troubleshooter in the left panel.
- The tool will scan your website in seconds. If it detects an error, it will specify the type and offer immediate solutions.
- If the AI Troubleshooter can fix the issue automatically, simply click the Fix my website button to finalize it.
This tool is currently in beta, but it’s fully functional for error resolution. Keep an eye out for additional features in the coming months.
Suggested Reading
Learn more about how to troubleshoot errors:
1. How to Fix the 403 Forbidden Error
2. How to Fix the 404 Not Found Error
3. How to Fix 500 Internal Server Error
4. How to Fix 503 Service Unavailable Error
5. How to Fix WordPress Critical Error
Hostinger in Local WordCamps
This year, we’ve proudly sponsored three major WordCamps – Asia, Europe, and the US. Our commitment to the WordPress community continues with sponsorships of three local WordCamps this month:
- WordCamp Biarritz, France. Held on October 6th, 2023, this was the first edition of WordCamp Biarritz with 270 attendees.
- WordCamp Sevilla, Spain. It is one of Spain’s local WordCamps we sponsored this year. Taken place on October 20-22, 2023, and attended by 182 participants, this is the second time we have participated in WordCamp Sevilla.
- WordCamp Tegal, Indonesia. Attended by 78 people and organized differently than most local WordCamps, this event adopted a scale-up workshop format focusing on WordPress for enterprise topics. It is also one of the next-gen WordCamp pilot events.
Though these events are smaller than the flagship WordCamps, our mission is consistent – to engage with the WordPress community, understand user needs, and gather valuable feedback to enhance our hosting services.
State of the Word 2023 Announcement
Mark your calendars – the annual State of the Word address is set for December 11, 2023, at 15:00 UTC.
If you’re unfamiliar with State of the Word, it is the annual keynote address delivered by WordPress co-founder Matt Mullenweg. The session will reflect on the WordPress project’s progress and achievements throughout the year and outline its direction for the coming year.
This year’s State of the Word will also be the first one held outside of North America, as it will take place in Madrid, Spain. You can attend the keynote in person or catch the live stream, with more details to be released in November.
WordPress 6.3.2 Security Update
The WordPress 6.3.2 update rolled out on October 12, 2023, addressing 19 core and 22 block editor bugs. Most importantly, this update fixed eight security vulnerabilities, with some significant ones as follows:
- Cross-site scripting (XSS) vulnerabilities in the post link navigation block, footnotes block, and application password requests.
- Sensitive information exposure in the User Rest Endpoint allowed malicious actors to disclose users’ addresses by performing brute-force searches.
- If an attacker used the X-HTTP-Method-Override header to send a request to a public REST API and got a 4xx error, they could trigger a Denial of Service through cache poisoning. This means future visitors to that same endpoint would also encounter the error if it’s stored in the cache.
If you’re still using WordPress 6.3.1 or lower, we highly recommend updating to version 6.3.2 to keep your WordPress site secure. Some of these vulnerabilities also affected older WordPress versions from 4.1. Therefore, the fixes are backported to older versions.
Pro Tip
Enable WordPress auto-updates for minor releases to keep your website safe. Read our guide on how to update WordPress to learn more.
LiteSpeed Cache Plugin Security Update
The LiteSpeed Cache plugin has released version 5.7 to address an XSS vulnerability in version 5.6 and older. The issue stemmed from inadequate input sanitization and output escaping in the ESI shortcode.
Used by four million WordPress sites, including those hosted by Hostinger, it’s crucial to update to version 5.7 right away to mitigate any XSS risks.
Pro Tip
Monitor your plugin’s security status from hPanel via the WordPress → Security panel. Besides getting information about plugins and theme security, you can also update them easily without having to log in to your WordPress dashboard.
What’s Coming in November
The much-anticipated WordPress 6.4 is set to launch on November 7, 2023. This update will enhance the block editor workflow and introduce the new Twenty Twenty-Four default theme that comes with an array of patterns for various websites.
We’ve already taken a quick look at the WordPress 6.4 beta version. Keep an eye on our blog for comprehensive coverage of WordPress 6.4 and tips on leveraging its new features.
Leo is a Content Specialist and WordPress contributor. Armed with his experience as a WordPress Release Co-Lead and Documentation Team Representative, he loves sharing his knowledge to help people build successful websites. Follow him on LinkedIn.
