#225- WCUS 2025 Social Media Stir, Automattic Turns 20, WP To End Support For Old Versions

Issue #225 | June 24, 2025 | Reading time: 19 mins

Hello!

This week on The WP Week Newsletter, we cover the WCUS 2025 social media post that sparked community-wide discussions, Automattic turning 20, WordPress to drop support for versions 4.1-4.6 soon, exciting new projects, and more.

Don’t forget to subscribe and listen to the podcast version of this newsletter, where you can hear more details and discussions about these topics and more.

See you next week!

Team WP-CONTENT.CO

🙌 This weekly newsletter is kindly sponsored by Kinsta, Omnisend, and WP Job Openings

Kinsta Managed Hosting

Kinsta – Highest-rated managed WordPress hosting provider on G2 Check it out →

Omnisend

Boost your sales with email & SMS—without breaking the bank Check it out →

Easy-peasy Recruitment Plugin

Create a career page and start recruiting talents in a few minutes Check it out →

🗣️TALK OF THE TOWN

WordCamp US 2025 social media post sparked discussion

A social media post on X stating that WordCamp US 2025 is an Automattic event sparked a community-wide discussion. It was posted as a reply to developer Daniel Hayes Smith, and later a clarification was provided regarding it, “ Lots of assumptions, my apologies. I’m a new community member without all the facts and just volunteering to help an event that has personally supported me and given me tons of value.”

The team later made it clear that it is not an Automattic-run event: ” We’d like to clarify: WordCamp US, like all WordCamps, is not an Automattic-run event. It’s organized by the broader WordPress community, with programming led by a diverse group of contributors.”

📰 WORDPRESS & AROUND

All the updates around WordPress and its closely related technologies

Security updates to be discontinued for WordPress versions 4.1–4.6

Starting July 2025, the WordPress Security Team will no longer provide updates for WordPress versions 4.1 through 4.6. While official support is limited to the latest WordPress release, the team has long offered backported security fixes to older versions in the hope that the sites will be updated to the latest version.

Survey: Which WP accessibility documentation do you need?: Work is progressing on enhancing the accessibility documentation in the team’s Handbook, and your input can help shape it. If you’d like to share what you think is important to include, please take a moment to fill out the feedback form.
Five for the Future WCEU25 chat: At WCEU 2025, WordPress leaders, contributors, and sponsors came together for a deep dive into the future of contribution. The discussion centered around evolving Five for the Future (5ftF), addressing burnout, redefining what counts as contribution, and improving governance, funding, and recognition across the ecosystem.
The Incident Response Team is looking for new members: The applications are now open and will remain open until July 6, 2025.
Celebrating 20 Years of Automattic: On June 20, 2025, Automattic marked its 20th anniversary. Founded in 2005 by Matt Mullenweg after hiring Donncha Ó Caoimh, the company has grown from a small team to a global force of over 1,480 employees in 82 countries. Matt also wrote about the occasion, stating, “Gosh, it’s been quite a journey, and it still feels like we’re just getting started in so many areas.”
WooCommerce 9.9.4: Fixes and an updated email rollout: WooCommerce 9.9.4, release focused on stability improvements, security enhancements, and bug fixes. Key changes include pausing the automatic rollout of the new email design (now manual opt-in), sanitizing admin report inputs to prevent SQL injection, and more. Additionally, WooCommerce 9.9.5 has been released, which fixed the unwanted block styles loading on all pages in classic themes. Also, WooCommerce 10.0 is currently scheduled for release on July 7, 2025..
Attackers actively exploiting critical vulnerability in Motors Theme: A critical privilege escalation vulnerability (CVE-2025-4322) was discovered in the popular Motors WordPress theme (≤5.6.67), allowing unauthenticated attackers to reset user passwords including admins and take over sites. All users are to update to the latest version immediately.
100,000 WordPress sites affected by privilege escalation via MCP in AI Engine WordPress plugin: This vulnerability can be exploited by authenticated attackers, with subscriber-level access and above, to get full access to the MCP and execute various commands like ‘wp_update_user’, allowing them to escalate their privileges to administrators by updating their user role. The vulnervilty was patched and users are to update to the latest version.
Malicious WordPress plugin creates hidden admin user backdoor: The Sucuri team discovered a malicious WordPress plugin disguised as php-ini.php that was found creating a hidden admin user named mr_administartor. The plugin executed code only when a specific URL parameter was triggered, quietly adding a backdoor admin account. The team also discovered another malicious plugin named wordpress-player.php that was found redirecting site visitors to suspicious websites after a few seconds.
A deep dive into a modular malware family: This in-depth analysis by Wordfence reveals a modular and evolving malware framework actively targeting WordPress sites since 2023. Initially disguised as a rogue WordPress plugin, the malware exhibits sophisticated features: credit card skimming, login credential theft, ad fraud, and even backend manipulation to hide fraudulent transactions.
Google adds AI Mode Traffic to Search Console Reports: Google updates documents to show that it now includes AI Mode traffic in Search Console Performance reports.
Google launches ‘Search Live’ real-time voice search in AI mode: Google Search Live with real-time voice conversations is now available in AI Mode for U.S. users. Talk to search, get audio responses plus web links.

💵 INVESTMENTS, ACQUISITIONS & PARTNERSHIPS

JetHost acquires WebHostFace: JetHost, a newly launched hosting company, has acquired WebHostFace in its first major move toward global expansion.

👥 COMMUNITY NEWS

Updates and News from the WordPress Community

WPEngine–Automattic legal hearing rescheduled

Originally set for June 5, 2025, the hearing was vacated due to the Court’s full calendar. It will now take place on August 28, 2025, at 2:00 PM, as approved by Judge Araceli Martínez-Olguín. WordCamp US 2025 is scheduled to run from August 26 to 29, overlapping with the new hearing date.

WordPress now available for CERN websites: WordPress has officially replaced Drupal as CERN’s web content management system. This shift follows a year of development and collaboration between CERN’s International Relations and IT departments, under the guidance of the Web Governance Board.
Niagahoster becomes Hostinger: Hostinger has fully integrated its Indonesian branch, Niagahoster, into one unified brand.
PersonalizeWP Pro is now completely free: PersonalizeWP Pro, a powerful WordPress personalization plugin, is now completely free. Also, the code for PersonalizeWP will soon be available on GitHub.
As Robert DeVore steps back, WebDevStudios adopts 20 of his WordPress plugins: The move comes after Robert DeVore announced his departure from WordPress earlier this month.
Andy Peatling has left Automattic: Andy Peatling announced his departure from Automattic after 17 years, marking a return to entrepreneurship. He played a key role in scaling the company from 20 to nearly 2,000 people and spent his final two years focused on AI application development.
Mark Zahra raises concerns over product advertisements in WordPress block editor settings: This time, he notes BetterDocs, created by WPDeveloper, shows a banner in the block editor to advertise another plugin. He also highlighted that the CTA button installs the plugin automatically and affects the UI.
New poll created by Felix Arntz with regard to a PHP AI Client SDK: The WordPress AI Team is building a PHP AI Client SDK and needs community feedback.
New milestone achieved by MaxUploader plugin: The plugin created by CodePopular which allows users to increase the media file upload size, has now over 100,000+ active installations.
Jagir Bahesh receives the Yoast Care fund for his contribution to the WordPress community: Jagir Bahesh, a member of the WordPress Core Team, is the latest recipient the Yoast Care fund.

🚀 NEW PROJECTS

XMLMap – XML & HTML Sitemap Generator plugin: The plugin developed by Mahesh, allows users to automatically creates and updates XML sitemaps for search engines (Google, Bing) and HTML sitemaps for your website visitors.
Introducing LLM URL Solution plugin: The plugin developed by Jack Arturo and his sister, the plugin will automatically generate SEO-optimized content for 404 URLs that originate from AI chatbot searches like ChatGPT, Claude, and others.
Flexi Archiver is now live: Tyche Softwares has released Flexi Archiver, aimed at allowing site admins to archive old WooCommerce orders to FlexiArchiver’s cloud, which in turn reduces database bloat and thereby speeds up your website. Even if the orders are archived, the customers will still be able to access them.
Orca WP Plugins launched: Rynaldo S. has launched Orca WP Plugins, a new collection of premium WooCommerce extensions.
Sliderberg plugin: The plugin created by Imtiaz Rayhan is a powerful and user-friendly slider and carousel block for WordPress that allows you to create beautiful, responsive slideshows and carousels with ease.
ChatGPT Embeds plugin: A client-exclusive plugin launched by Joe Youngblood that provides automated blog post summaries, generate data insights, and so on.
Community + Code podcast launched: Chris Reynolds has launched this new podcast, and a couple of episodes are now live.

🔖 INTERESTING READS & PODCASTS

More posts and podcasts from the WordPress Community you don’t want to miss

Dissecting Matt Mullenweg’s comments at WordCamp Europe, part 2: Sam Sidler covers two other topics that briefly came up during the fireside chat: the WordPress Foundation and Five for the Future. From The Delta.
15 WordPress Interactivity API examples: A deep dive into the new WordPress Interactivity API, showcasing 15 real-world examples of how it makes interactive sites easier to build. From WP. Gallery.
In conversation with Dan Knaus: Dan Knauss shares his journey from a literature-loving high school student in the 1970s to his current role as a WordPress solutions architect at MultiDots. He reflects on his academic roots, family life, and eventual shift into web development and enterprise solutions. From Seriously, Bud?
Modular DS looks for growth in the WordPress site management space: In this interview, Modular DS Content Lead Reyes Martínez discusses the startup’s goals in the WordPress site management space. She highlights their focus on ease of use, multilingual support, and growth beyond Spanish-speaking markets. From The WP Minute.
Tom Willmot and Jon Ang on building a global bank website: In this podcast episode, Tom Willmot and Jon Ang of Human Made discuss their work building and scaling a global WordPress platform for Standard Chartered Bank. From WP Tavern Jukebox.
How to tell if your WordPress news is really newsworthy with Rae Morey and Adam Weeks: Rae Morey and Adam Weeks dive into what truly makes something “news” in WordPress, why not every company update deserves coverage, and the importance of thinking from the audience’s perspective when pitching stories. From OpenChannels.fm.
Post Status Cache Up with Carrie Dils, Mika Epstein, and Ryan McCue: The group discussed their roles in the WordPress community and the new FAIR project. The group explores FAIR’s mission to create a federated independent repository system for WordPress plugins and themes, focusing on decentralization, community-driven moderation, inclusive governance, and privacy.
Raquel on PressConf, WordCamp, Music, and WonderlandCurious at Cosmos by WPLift: The conversation touched upon Raquel’s journey in WordPress, reviving PressConf, understanding the business of WordPress, and much more. From WPLift.
Automattic at 20: Beau Lebens reflects on Automattic’s 20th anniversary and his own 16-year journey with the company. From joining after a chance internet meetup in 2009 to now leading the WooCommerce business and so on. From Beau Lebens.
Can WordPress finally fix Five for the Future? Contributors see rare chance for reform: With leadership backing and fresh momentum, contributors see a rare window to fix long-standing issues with WordPress’s contribution program. From The Repository.
WordCamp US faces scrutiny over Automattic’s role as ticket sales lag: A social post has sparked renewed questions about who controls WordCamp US programming, highlighting broader concerns about transparency, delayed planning, and the fallout from last year’s controversial keynote. From The Repository.
AspirePress: The quiet project powering FAIR’s infrastructure: Founded after WordCamp US 2024, AspirePress laid the technical foundation for the FAIR project and is continuing to build out a distributed, community-driven alternative to WordPress.org’s core, plugin and theme delivery system. From The Repository.
WPBakery’s recap of WordCamp Europe 2025: Raitis shares that WordCamp Europe 2025 in Basel marked a shift toward deeper collaborations and cross-ecosystem partnerships, beyond just community spirit. Key topics included the rise of AI in WordPress, the growing excitement around the FAIR initiative, which aims to decentralize plugin and theme distribution.
What if WordPress became the agentic web’s front end?: James Giroux attended Salesforce Connections to observe how enterprise teams are approaching the future of digital experiences. He found that while WordPress wasn’t featured on stage, it was frequently mentioned in side conversations, showing it’s still a key part of many enterprise tech stacks. From James Giroux.
Building better social networks through decentralization: Ronnie Burt explores how decentralized social networks aim to fix the growing dissatisfaction with traditional platforms. From Gravatar.
We’re all senior developers now: Brian Coords reflects on his experience using AI tools like Copilot and Cursor to build a custom WordPress block. While AI sped up development, it often made mistakes or missed key context, requiring the author’s expertise to fix issues.
Tihomir Dmitrović’s Journey: Integrating AI Agents in WordPress Using MCP: This episode dives deep into the concept of MCPs (Model Context Protocols, API standards designed for seamless communication between AI agents and platforms like WordPress. From OpenChannels.fm.
What is a Community?: Michelle Frechette reflects on what defines a community, especially within WordPress. She explores whether community requires participation, shared interests, or simply using the same tools. From Post Status.
New SEO plugin for WordPress – SureRank beta first look: Pascal Claro explored the upcoming SureRank plugin, which isin its Beta 2 phase.
James Welbes on how he rebuilt a Divi website using Etch: James Welbes rebuilt a slow Divi-powered WordPress site using the Etch builder, resulting in major improvements in speed, accessibility, and SEO. From James Welbes.
The long-term cost of short-term platforms: Jono Alderson highlighted that while quick-launch platforms like Wix and Shopify offer convenience but become limiting as businesses grow. WordPress, while more complex, provides the flexibility and control needed for long-term success. From Jono Alderson.

🛠 GUIDE ZONE – HOWTO’S and MORE

Handpicked fresh guides from WordPress circle

WordPress Hybrid Themes: A user and developer approach: From Kinsta
Using WordPress MCP as a Development Tool: From WebDevStudios
The ultimate guide to automated visual testing for WordPress plugins: Never break your site again: From Varun Dubey
Migrating your JavaScript codebase to TypeScript with Cline & Gemini: From Felix Arntz
Creating a Headless WordPress site from a Blueprint: From Delicious Brains

📆 SAVE THE DATES

Do not miss a WordPress event ever again

WPCampus 2025 on July 23–25, 2025: The call for proposals is now open.
WordCamp US on August 26-29, 2025: The call for organizers and sponsor applications is now open.
LoopConf 2025 on September 25: The registration is now open.
SomeConf 2025: The event is in the early planning stages. The call for sponsors and speakers is now live.
WordCamp Canada on October 16-17 2025: The call for sponsors is now open.
WordCamp Asia 2026: It is tentatively planned for early February 2026 and the call for organizers is now open.

🎁 WORDPRESS DEALS OF THE WEEK

Again, these are the best deals of the week, handpicked by yours!

EXCLUSIVE DEALS

4 Months free offer on hosting plans of WP Engine (Coupon Code- FREEDOMTOCREATE)
10% off on monthly & annual plans at SureTriggers (Coupon Code- WPCONTENT10)
15% off yearly plans at Videvo (Coupon Code – WPV15)

MORE DEALS

Up to 50% off on BookingPress plugin
Up to 70% off on Shared Hosting plans at InMotion Hosting (Till May 29, 2025)
50% off for the first 6 months on all monthly standard plans at Kinsta
50% off 3 months on Liquid Web’s Bare Metal server hosting
20% off for Constellation plugin
60% off for the lifetime plan for the Modern Cart for WooCommerce plugin.