#231- Plugin Readme File Update, Woo Withdraws Theme Submission, SOEWP 2025 Survey

Issue #231 | August 5, 2025 | Reading time: 18 mins

Hello!

This week on The WP Week Newsletter, we cover WooCommerce ending the development of their new block theme, the Plugin Review team mandating the readme file to be in English, State of Enterprise WordPress Survey 2025, new projects, and more.

Don’t forget to subscribe and listen to the podcast version of this newsletter, where you can hear more details and discussions about these topics and more.

See you next week!

Team WP-CONTENT.CO

🙌 This weekly newsletter is kindly sponsored by Kinsta, 20i and WP Job Openings

Kinsta Managed Hosting

Kinsta – Highest-rated managed WordPress hosting provider on G2 Check it out →

20i WordPress Hosting

Next-Gen Managed WordPress Hosting Check it out →

Easy-peasy Recruitment Plugin

Create a career page and start recruiting talents in a few minutes Check it out →

🗣️TALK OF THE TOWN

WooCommerce ends development of “Purple” block theme and withdraws submission

Earlier, the WooCommerce team announced progress on their first official block-based theme, code-named “Purple.” On July 15, they paused the theme’s submission to WordPress.org. Now, they’ve confirmed that the submission has been fully withdrawn as part of a strategic shift in direction.

📰 WORDPRESS & AROUND

All the updates around WordPress and its closely related technologies

Plugin Team has announced that the readme file to be written in English

The WordPress Plugin Review Team now requires all plugin readme.txt files to be written in English. This ensures smoother communication during reviews, supports accurate translations via translate.wordpress.org, and maintains consistency across the Plugin Directory.

Test Team’s overview of the first onboarding session & workflow review: The Testing Team held an onboarding session to introduce a proposed new workflow aimed at improving bug resolution and patch delivery by encouraging component specialization and implementing a GitHub-based “mini-tracker” system.
WordPress Academy: A case study from WordCamp Krakow: Sebastian Misniakiewicz shares how WordCamp Krakow 2025 built on a bold idea from the previous year, launching the WordPress Academy to welcome beginners alongside Contributor Day. Initially started in 2024 to counter the misconception that WordCamp was only for experts, the Academy offered lectures and workshops tailored to newcomers.
Call for Accessibility Team Representatives: The WordPress Accessibility Team is seeking two new Team Reps as the current reps step down in August. Interested contributors can nominate themselves or others by commenting on the post and joining the meeting on Friday, August 6, 2025.
Unauthenticated arbitrary file deletion vulnerability in Litho theme: The vulnerability allowed attackers to delete key files like wp-config.php, potentially taking over a site was patched recently. The issue stemmed from missing authentication and nonce checks. Users are urged to update to the latest version.
100,000 WordPress sites affected by arbitrary file upload vulnerability in AI Engine WordPress plugin: A critical vulnerability (CVSS 8.8) in the AI Engine WordPress plugin (versions 2.9.3–2.9.4) allowed authenticated users (subscriber level and above) to upload arbitrary files if the Public API option was enabled without authentication. Users are advised to update to the latest version immediately.
Attackers actively exploiting critical vulnerability in Alone theme: A critical vulnerability (CVE-2025-5394) in the Alone WordPress theme (<= v7.8.3) allows unauthenticated attackers to upload malicious plugins and achieve remote code execution, leading to full site takeovers. A patched version was released to address this issue.
ChatGPT kills Google-indexable chats over privacy fears: ChatGPT’s public sharing feature is gone due to risks of accidental data leaks. The tool let chats appear in Google search results.
Google backtracks on plans for URL shortener service: Google announced that they will continue to support some links created by the deprecated goo.gl URL shortening service, saying that 99% of the shortened URLs receive no traffic.
Chrome trial aims to fix core web vitals for JavaScript-heavy sites: Google Chrome is testing a new API to accurately measure Core Web Vitals in SPAs.

💵 INVESTMENTS, ACQUISITIONS & PARTNERSHIPS

TeamUpdraft joins the Codeable Partners Network: TeamUpdraft has joined the Codeable Partners Network, becoming part of a select group of trusted WordPress companies.
Elavon and Woo expand payments partnership to North America: Elavon and WooCommerce are expanding their successful European payments partnership to North America, giving U.S. and Canadian merchants access to Elavon’s secure, flexible, and scalable payment solutions via a free extension on the WooCommerce Marketplace.

👥 COMMUNITY NEWS

Updates and News from the WordPress Community

The State of Enterprise WordPress Survey 2025 is now open

The Survey is back for its third year, aiming to dig deeper into how large organizations are implementing WordPress at scale. It explores the challenges they face, the strategies they use, and the opportunities they see ahead, offering valuable insights into the evolving enterprise WordPress ecosystem.

The 20i FOSS Awards 2025 is now live: Voting is now open for the 2025 20i FOSS Awards, which celebrate developers behind free and open-source software. Participants can vote across 11 categories, support their favorite projects, and even win prizes like free hosting and merch.
Patchstack’s 2025 mid-year WordPress vulnerability report: This mid-year report from Patchstack reveals a surge in WordPress vulnerabilities, 6,700 discovered in just six months, with 41% deemed exploitable in real-world attacks. Most flaws were found in plugins (89%), especially involving XSS, CSRF, and LFI. Nearly 58% of vulnerabilities require no authentication to exploit, posing major risks to users and hosting providers.
The State of WordPress in Higher Education: A joint report by WPCampus and Human Made explores how universities are using WordPress, based on insights from over 100 higher ed professionals. The findings reveal that WordPress remains a widely trusted platform, but institutions are demanding more from it amid evolving digital needs. WordPress continues to meet higher education’s complex requirements, but expectations for usability, governance, and workflow efficiency are rising.
ACF Annual Survey 2025: The main goal of this survey is to learn how users across the globe use ACF, how they build websites with WordPress, and the areas that need improvement to make ACF better.
New milestone for Simple Cloudflare Turnstile plugin: The plugin now has over 100,000+ active installs.
Judge.me is retiring its app on WooCommerce: Mike Valera on X highlighted the community about this development. The app is scheduled for full deactivation on September 30, 2025.
WordPress Coding Standards 3.2.0 released: This release brings improvements to how code is checked for quality and consistency. It adds new rules to catch potential issues, updates support for the latest WordPress version (6.8.1), and ensures better compatibility with newer versions of PHP. Some outdated checks have been removed, performance has been improved, and documentation has been expanded to help developers write cleaner, more reliable code.
Blocksy 2.1.5 released: The update improves compatibility with the latest Simply Static plugin, enhances click handling for cart headers inside offcanvas panels, and adds a new filter to control vertical spacing. It also improves how offcanvas links are detected when opened in new tabs or modals, and ensures course page titles display correctly in Tutor LMS when the “coming soon” feature is active.
AI Services 0.7.0 is now available: This release adds text-to-speech and speech generation capabilities, and web search support to applicable providers. Besides this the plugin now supports new providers like Mistral, Perplexity, xAI.
A new and improved code editing experience: WordPress.com has rolled out a new and improved code editing experience within the admin interface, enhancing both the post/site code editors and the Additional CSS input box. Users now benefit from modern features like syntax highlighting, autocomplete, intelligent formatting, and search/replace functionality.
Kodee Agentic AI for WordPress: A new AI site manager developed by Hostinger that responds to prompts and assists you in completing various tasks.
Subrata Sarkar receives the Yoast Care fund for his contribution to the WordPress community: Subrata Sarkar, a member of the WordPress Community Team is the latest recipient of the Yoast Care fund.

🚀 NEW PROJECTS

AffiliatePress launching soon: BookingPress has announced an all-new affiliate plugin for WordPress. Interested folks can join the community to receive early access.
EventKoi is now live: This is a new events calendar plugin created by Lesley Sim and Ahmed F.
WP License Activations: A new project by Vikas Singhal, this is a WP‑CLI utility to activate and manage licenses for popular WordPress plugins and themes.
Flying TTFB: This is a free tool created by FlyingPress that allows users to check a website’s Time to First Byte (TTFB) from 22 global locations.
Gravity Forms Feed Error Alerts add-on: The add-on developed by JetSloth allows users to monitor, review, and be notified of feed errors across your Gravity Forms integrations.
Gemini Image Generation plugin: The plugin created by Dhananjay Kuber integrates the Gemini AI into your WordPress media library, allowing you to create images directly from text prompts.
Introducing Website Security Analyzer: The tool created by Sal Aguilar provides users with a comprehensive analysis of website security, SSL certificates, WHOIS information, CMS detection, and security headers.
Image Gallery plugin: The plugin created by Imtiaz Rayhan lets you create responsive, customizable image galleries with various layouts and customizations.
Scroll to Top block: The Automattic Special Projects team released a new Scroll to Top block for WordPress. Designed for block themes, it adds a customizable floating or static button that lets users quickly scroll to the top of a page.
Logify WP plugin: The plugin provides real-time, detailed logs of activities happening across your WordPress website.

🔖 INTERESTING READS & PODCASTS

More posts and podcasts from the WordPress Community you don’t want to miss

WordPress AI Team on future of WP, and human side of AI: In this episode host Julia is joined by James LePage, Pascal Birchler, and Jeff Paul, and the conversation covered how the AI Team came together and what they’re building, AI’s potential for collaboration, multilingual, and UX in WordPress, and so on. From WPLift.
In conversation with Robert Jacobi: Robert Jacobi, multilingual tech expert and Chief Experience Officer at Blackwall, shares his journey from finance to web development and cybersecurity. From Seriously, Bud?
Mariya Moeva on the impact of Google’s SiteKit on WordPress: Mariya Moeva, product lead for Google’s Site Kit plugin for WordPress, discusses its evolution, goals, and impact. With over 5 million installs, Site Kit simplifies access to key Google tools like Search Console, Analytics, and AdSense through a unified, beginner-friendly WordPress dashboard. From WP Tavern Jukebox.
Learn, share and grow with the WordPress developer blog community: Abha Thakor sits down with Justin Tadlock and Mary Baum, two key voices behind the WordPress Developer Blog, to explore how this powerful resource helps developers at every stage. From OpenChannels.fm.
Navigating rebranding phase two with sunsetting series and channel updates at Open Channels FM: BobWP shares that Open Channels FM is now in phase two of its rebranding, focusing on reorganizing its content into series formats. Some shows are being retired, others refreshed, all with the aim of better aligning with listener needs and shifting priorities. From OpenChannels.fm.
Perspectives with Sam Sidler: Sam Sidler joined Luke and Jonathan to discuss a wide range of topics, from governance and the benevolent dictator model to Five for the Future and the FAIR project, and finally landing on Sam’s predictions for the future of WordPress. From Crossword.fm.
Better agency workflows with Greyd: Matt is joined by Sandra Kurze to discuss the unique offerings of Greyd, a comprehensive suite of tools designed for web agencies and enterprises. They review the challenges of enterprise projects, the importance of pricing and value in WordPress tools, and so on. From The WP Minute.
Custom database tables in WordPress, and when to use them: Remkus de Vries explores when to use custom database tables in WordPress instead of relying on post types and postmeta. There’s no fixed rule, and developers should consider the amount of data and query complexity. From Remkus de Vries.
Why plugin, theme & addon authors should join a vulnerability disclosure program: Lawrence Ladomery emphasizes the need for WordPress plugin, theme, and addon developers to join VDPs to handle security issues responsibly. VDPs help reduce risk, improve trust, ensure legal compliance, and strengthen the WordPress ecosystem, especially with new regulations like the EU Cyber Resilience Act. From WPBakery.
How to write an effective support request: This article from Barn2Plugins explains how to write an effective support request by clearly outlining what the issue is, where and when it occurs, providing steps to reproduce it, including temporary login details if necessary. From Barn2 Plugins.
How I moved customizer CSS to an external file (and why it matters): Matt Cromwell explains that he built a lightweight WordPress plugin that moves Customizer Additional CSS” tags to an external stylesheet. This improves performance, caching, and maintainability without needing a child theme or file edits. From Matt Cromwell.
Agentic AI coming to WordPress: Hostinger and Elementor rolling out chat-based site management: Hostinger’s Kodee and Elementor’s Angie will introduce chat-based AI assistants to simplify WordPress site management. From The Repository.
Crafted With Code: Code for Good: WP Engine covered the stories behind Webby-recognized sites built with purpose and powered by WordPress. From WP Engine.
WordPress as a low-code platform: How far can you really go?: This article examines the capabilities of WordPress as a low-code platform, highlighting how much you can create with minimal coding, where its limitations begin, and how it stacks up against other low-code solutions. From Kinsta.
Top 10 ways for hosting companies to reach (and keep) new customers: Bridget Willard outlines ten effective strategies for WordPress hosting companies to attract and retain customers, emphasizing both acquisition and long-term loyalty. From The WP Minute.
Why sponsoring WordPress content creators is a win for your brand: Maria Ansari argues that while sponsoring developers is crucial for WordPress stability, supporting content creators is just as important for growth. Educators like bloggers and YouTubers help onboard users, build trust, and expand the ecosystem making creator sponsorship a smart, long-term brand investment. From The WP Minute.

🛠 GUIDE ZONE – HOWTO’S and MORE

Handpicked fresh guides from WordPress circle

How to build WordPress plugins with Claude Code and Insta WordPress site: From Vikas Singhal
You don’t need theme.json for block theme styles: From WordPress Developer Blog
Conditionally insert content into WordPress posts using the_content hook: From David Allsop
Moving WordPress to a new domain: A step-by-step guide without breaking links: From Delicious Brains

📆 SAVE THE DATES

Do not miss a WordPress event ever again

WordCamp US on August 26-29, 2025: The call for organizers and sponsor applications is now open.
LoopConf 2025 on September 25: The registration is now open.
SomeConf 2025: The event is in the early planning stages. The call for sponsors and speakers is now live.
WP Suomi 2025 on October 10: The call for speakers is now open.
WordCamp Canada on October 16-17 2025: The call for sponsors is now open. The first round of the speaker list has been published.
WordCamp Asia 2026: It is tentatively planned for early February 2026 and the call for organizers is now open.
WordCamp Europe 2026 on June 4-6: The call for organizers is now open.

🎁 WORDPRESS DEALS OF THE WEEK

Again, these are the best deals of the week, handpicked by yours!

EXCLUSIVE DEALS

4 Months free offer on hosting plans of WP Engine (Coupon Code- FREEDOMTOCREATE)
10% off on monthly & annual plans at SureTriggers (Coupon Code- WPCONTENT10)
15% off yearly plans at Videvo (Coupon Code – WPV15)