This Month in WordPress: October Roundup

This Month in WordPress: October Roundup

October has been a busy month leading up to the highly anticipated release of WordPress 6.4, scheduled for early November. But before that, we have some news in October to recap.

We saw important updates like the WordPress 6.3.2 security patch and the State of the Word 2023 announcement. At Hostinger, we also rolled out some key product updates for WordPress users.

Let’s get into the WordPress news and updates for October.

Hostinger AI Troubleshooter

We’ve launched the AI Troubleshooter, a new feature in hPanel designed to identify and help you resolve common website errors like 403, 404, 500, and 503. Currently, it’s optimized for WordPress installations. Here’s how to use it:

  1. Log in to the Hostinger Members Area and access your site’s hPanel.
  2. Go to WordPressAI Troubleshooter in the left panel.
  3. The tool will scan your website in seconds. If it detects an error, it will specify the type and offer immediate solutions.
  4. If the AI Troubleshooter can fix the issue automatically, simply click the Fix my website button to finalize it.
AI Troubleshooter tool on hPanel

This tool is currently in beta, but it’s fully functional for error resolution. Keep an eye out for additional features in the coming months.

Hostinger in Local WordCamps

This year, we’ve proudly sponsored three major WordCamps – Asia, Europe, and the US. Our commitment to the WordPress community continues with sponsorships of three local WordCamps this month:

  • WordCamp Biarritz, France. Held on October 6th, 2023, this was the first edition of WordCamp Biarritz with 270 attendees.
  • WordCamp Sevilla, Spain. It is one of Spain’s local WordCamps we sponsored this year. Taken place on October 20-22, 2023, and attended by 182 participants, this is the second time we have participated in WordCamp Sevilla.
  • WordCamp Tegal, Indonesia. Attended by 78 people and organized differently than most local WordCamps, this event adopted a scale-up workshop format focusing on WordPress for enterprise topics. It is also one of the next-gen WordCamp pilot events.

Though these events are smaller than the flagship WordCamps, our mission is consistent – to engage with the WordPress community, understand user needs, and gather valuable feedback to enhance our hosting services.

Hostinger booth at WordCamp Biarritz

State of the Word 2023 Announcement

Mark your calendars – the annual State of the Word address is set for December 11, 2023, at 15:00 UTC.

If you’re unfamiliar with State of the Word, it is the annual keynote address delivered by WordPress co-founder Matt Mullenweg. The session will reflect on the WordPress project’s progress and achievements throughout the year and outline its direction for the coming year.

This year’s State of the Word will also be the first one held outside of North America, as it will take place in Madrid, Spain. You can attend the keynote in person or catch the live stream, with more details to be released in November.

WordPress 6.3.2 Security Update

The WordPress 6.3.2 update rolled out on October 12, 2023, addressing 19 core and 22 block editor bugs. Most importantly, this update fixed eight security vulnerabilities, with some significant ones as follows:

  • Cross-site scripting (XSS) vulnerabilities in the post link navigation block, footnotes block, and application password requests.
  • Sensitive information exposure in the User Rest Endpoint allowed malicious actors to disclose users’ addresses by performing brute-force searches.
  • If an attacker used the X-HTTP-Method-Override header to send a request to a public REST API and got a 4xx error, they could trigger a Denial of Service through cache poisoning. This means future visitors to that same endpoint would also encounter the error if it’s stored in the cache.

If you’re still using WordPress 6.3.1 or lower, we highly recommend updating to version 6.3.2 to keep your WordPress site secure. Some of these vulnerabilities also affected older WordPress versions from 4.1. Therefore, the fixes are backported to older versions.

Pro Tip

Enable WordPress auto-updates for minor releases to keep your website safe. Read our guide on how to update WordPress to learn more.

LiteSpeed Cache Plugin Security Update

The LiteSpeed Cache plugin has released version 5.7 to address an XSS vulnerability in version 5.6 and older. The issue stemmed from inadequate input sanitization and output escaping in the ESI shortcode.

Used by four million WordPress sites, including those hosted by Hostinger, it’s crucial to update to version 5.7 right away to mitigate any XSS risks.

Pro Tip

Monitor your plugin’s security status from hPanel via the WordPress → Security panel. Besides getting information about plugins and theme security, you can also update them easily without having to log in to your WordPress dashboard.

What’s Coming in November

The much-anticipated WordPress 6.4 is set to launch on November 7, 2023. This update will enhance the block editor workflow and introduce the new Twenty Twenty-Four default theme that comes with an array of patterns for various websites.

We’ve already taken a quick look at the WordPress 6.4 beta version. Keep an eye on our blog for comprehensive coverage of WordPress 6.4 and tips on leveraging its new features.

The author

Leonardus Nugraha

Leo is a Content Specialist and WordPress contributor. Armed with his experience as a WordPress Release Co-Lead and Documentation Team Representative, he loves sharing his knowledge to help people build successful websites. Follow him on LinkedIn.