#260 – SudoWP Initiative, WP 7.0 Beta 1, Pressidium Edge Early Access, Beaver Team Pro Now Free

Hello!

This week on The WP Week Newsletter, we cover the launch of the SudoWP initiative, Matt Mullenweg and Automattic’s response to WP Engine’s third amended complaint, the release of WP 7.0 Beta 1, new board members of The WP Community Collective, new projects, and more.

Don’t forget to subscribe and listen to the podcast version of this newsletter, where you can hear more details and discussions about these topics and more.

New around here? Don’t miss the next issue, sign up now. Got something to share – connect with us.

See you next week!

Team WP-CONTENT.CO

🙌 This weekly newsletter is kindly sponsored by ProfilePress and WP Job Openings

ProfilePress – Create membership sites & sell subscriptions on WordPress Check it out  →

Create a career page and start recruiting talents in a few minutes Check it out  →

🗣️TALK OF THE TOWN

SudoWP is a community-focused initiative that takes over abandoned WordPress plugins to secure and maintain them. The project patches high-severity vulnerabilities to ensure the code remains safe and functional for the community. It also integrates large language model (LLM) capabilities to support plugin management. The initiative was launched by WP Republic and AmIHacked.

📰  WORDPRESS & AROUND

All the updates around WordPress and its closely related technologies

He states that certain paragraphs of the Third Amended Complaint by WP Engine contain confidential information about negotiations with hosting companies that seek endorsement on WordPress.org and that public disclosure of this information could harm his business by giving competitors or counterparties an unfair advantage, and he supports the sealing of these sections.

Also, Automattic, Matt Mullenweg, and WooCommerce filed their response to WP Engine’s latest filing.

🔧 TIP OF THE WEEK
Always Escape Output (Even ACF Fields)

Never output raw data—even if it comes from ACF or trusted sources. Escaping protects your theme from XSS vulnerabilities and keeps your frontend secure.

esc_html() for text
esc_url() for URLs
wp_kses_post() for rich text

Example:

echo esc_html(get_field(‘subtitle’));

Sanitize on input, escape on output.

This simple rule prevents most theme‑level security issues.

💵 INVESTMENTS, ACQUISITIONS & PARTNERSHIPS
  • ManageWP partners with Patchstack: With Patchstack’s RapidMitigate protection, ManageWP users gain automatic, proactive protection for their sites against vulnerabilities in plugins, themes, and WordPress core, even before exploits go public.
  • HubSpot acquires YouTube-based media brand Starter Story: Starter Story, founded in 2017 by Pat Walls, is a video-first brand with a large YouTube and newsletter audience, and its three-person team will join HubSpot Media as part of the acquisition.
  • Canva has acquired Cavalry and MangoAI: The Australian design company has bought Manchester-based Cavalry, a 2D animation platform used by teams at Amazon, Meta, Google, and Netflix, and U.S.-based MangoAI, which specializes in performance-improving video ads. Last year they acquired creative software platform Affinity.

👥 COMMUNITY NEWS

Updates and News from the WordPress Community

This marks the first expansion of the board since the organization was founded in 2022, with Reynolds also taking on the role of Interim President.

🚀 NEW PROJECTS
It indexes every action, filter, and JS API call from the actual source code and lets your AI query it before writing code. No more guessing. No more phantom hooks.

Marcel about creating the wp-devdocs-mcp
  • wp-devdocs-mcp: Developed by Marcel, this is a local MCP server that provides AI coding assistants with a verified WordPress hook database instead of relying on guesswork or training data.
  • WP WebMCP Layer: Created by Vikram, the plugin allows WordPress sites to expose structured tools via WebMCP (Web Model Context Protocol) so AI agents can interact with your site safely.  There is also support for WooCommerce and Paid Membership Pro.
  • IncidentWP: This delivers real-time WordPress error monitoring, helping you monitor PHP errors, user activity, plugin updates, and security events. Craig Gomes has announced that “Early Access” will be launching soon.
  • PublishPress Shortlinks plugin: The plugin lets you create custom branded, trackable URLs for both WordPress posts, including drafts and external links, with features like custom slugs, password protection, expiry dates, and much more.
  • WP Notificator: A project by Vagelis, which connects WordPress with real-world, physical notification devices. Early access is now available, and interested folks can sign up.
  • Ozinexus Missed Enquiry Detector: Developed by Simmi Ahuja, the plugin scans your site for common enquiry blockers and provides a diagnostic report inside your dashboard, with no tracking, data sharing, or intrusive actions.
  • VigiGuard Security: The plugin developed by Kashif Ahmed Khan provides one-click hardening, brute force protection, file integrity monitoring, activity logging, and a visual security health score.
  • Osom WP/Woo Detector Pro: A Chrome extension developed by Łukasz Kaczmarek, that detects WordPress & WooCommerce instantly and provides a full tech stack analysis, security audit, and one-click exportable reports.
  • FluentPlayer: An upcoming video player plugin that includes video playlists, chapters and timestamps, resume playback, overlays and buttons, email capture, and so on. Interested folks can join the waitlist now.
  • Sudo for WordPress: The plugin by Daniel Knauss adds a zero-trust layer by requiring re-authentication for all critical actions, protecting your site regardless of user role or session compromise.
  • Two new plugins by Per Søderlind: Talking Head plugin lets you write multi-speaker conversations in the WordPress block editor, then generate podcast-quality audio using AI text-to-speech, and the Color Me Beautiful plugin allows you to personalise the WordPress admin with your own accent colour.
  • ClawPress: This is an AI assistant plugin developed by Brad Vincent that works directly inside the admin area. It provides a floating chat panel, slash commands, and more.
  • Carousel Kit: A modular, high-performance carousel block for WordPress created by rtCamp that is powered by the Interactivity API and Embla Carousel.

🔖 INTERESTING READS & PODCASTS

More posts and podcasts from the WordPress Community you don’t want to miss

  • Matt Mullenweg on WordPress, AI, plugins, and the future of software engineering.
  • In this episode of Seriously, Bud?, Luca Rodino shares his professional journey from working at a small startup later acquired by Ernst & Young to helping grow SiteGround into a top hosting provider in Italy.
  • Matt Medeiros talks with Gabriella Laster on this episode of The WP Minute+ podcast about her journey in WordPress and the launch of Elementor One. They explore user feedback, product development challenges, AI integration, and balancing technical features with a smooth user experience.
  • In this episode of WP Tavern Jukebox, Matt Cromwell shared his journey from co-founding GiveWP to launching Roots and Fruit.
  • Jonathan Denwoon and Kurt von Ahnen, in this episode of WP-Tonic, conversed with Matt Mullenweg, where they explored the future of WordPress in an increasingly AI-driven landscape.
  • Kyle Van Deusen shared insights from a survey of 12,000+ agency owners on how they actually optimize images for WordPress sites.
  • Elliott Richmond on how Automattic’s new Claude Cowork plugin builds block themes from a prompt.
  • Rino de Boer shared his take on Elementor One after several weeks of testing and reviewing community feedback.
  • Lawrence Ladomery argues that while 2025 was all about brand, 2026 is the year for creativity in WordPress marketing.
  • Kari McMahon reports on how AI generated low quality contributions are straining open source projects, pushing maintainers toward burnout and prompting platforms like GitHub and communities such as WordPress to introduce new safeguards.
  • Lena Iñurrieta reflects on the recently concluded WordCamp Valencia 2025, highlighting two inspiring days of innovation, community, and collaboration within the WordPress ecosystem.
  • Basiq Ali explains how CMS detector tools help users quickly identify the software behind any website, including its CMS, themes, plugins, hosting, and other technologies.
  • Boris Tane argues that AI agents haven’t just sped up software development, they’ve fundamentally replaced the traditional SDLC.
  • Jonathan Bossenger explored the WordPress Studio MCP server and how it connects WordPress Studio with AI tools. After setting up MCP in VS Code, he uses an AI agent to build a custom block theme for a small coffee shop.
  • Scott Jehl and his team at Squarespace are advancing a proposal to bring native lazy-loading to HTML video and audio.

🛠 GUIDE ZONE – HOWTO’S and MORE

Handpicked fresh guides from WordPress circle

📆 SAVE THE DATES

Do not miss a WordPress event ever again

🎁 WORDPRESS DEALS OF THE WEEK

Again, these are the best deals of the week, handpicked by yours!

EXCLUSIVE DEALS
  • 4 Months free offer on hosting plans of WP Engine (Coupon Code- FREEDOMTOCREATE)
  • 10% off on monthly & annual plans at SureTriggers (Coupon Code- WPCONTENT10)
  • Up to 84% off at Hostinger (Code NYSALE for an extra 10% off)
  • 15% off yearly plans at Videvo (Coupon Code – WPV15)
MORE DEALS

This weekly newsletter is kindly sponsored by awesome WordPress Companies 🦸‍♂️🙌

ProfilePress – Create membership sites & sell subscriptions on WordPress Check it out  →

Create a career page and start recruiting talents in a few minutes Check it out  →

Last but not least, updates from WP-CONTENT.CO 👇

WP Engine has filed a new amended complaint in its lawsuit against Automattic and WordPress co-founder Matthew Charles…

A recent post by Matt Mullenweg on the Make WordPress Community blog has sparked discussion across the WordPress…

The AI content assistant Bertha.ai is exiting from the WordPress plugin repository after a compliance review identified code,…

WPvivid Backup & Migration plugin, with more than 900,000 active installations, has patched a critical vulnerability (CVE-2026-1357) that…

Team WP-CONTENT.CO

This weekly newsletter is kindly sponsored by Kinsta, ProfilePress, and WP Job Openings

Built with Newsletter Glue.