WordPress 5.6 has been released with dozens of improvements and new features. Code named Simone (honoring singer Nina Simone), WordPress 5.6 has been met with a positive response, possibly because it didn’t break anything.
The substance of what’s new in WordPress 5.6 can be described as mostly good, some meh and one issue that’s ugly.
Enable jQuery Migrate Plugin Updated
The last two updates were somewhat rocky due to millions of websites breaking or accidentally updating with a beta version of WordPress.
The biggest potential issue was with the jQuery Migrate deprecations and updates.
WordPress 5.6 managed to avoid the legacy jQuery plugin issues experienced with the WordPress 5.5 update in August 2020. That was the update that caused websites to stop functioning in myriad and unexpected ways.
The reason those issues were avoided this time around is because WordPress 5.6 updated the Enable jQuery Migrate plugin in order to avoid a repeat of websites crashing.
When the plugin is active and the publisher is logged in, the plugin will detect outdated jQuery and log it, presenting a display at the top of page to signal the problem.
The plugin detects jQuery issues from page to page as the pages are served to the publisher as they browse the site.
There is an option to perform similar logging using pages served to users are browsing the site, but WordPress warns that this could create significant server load and recommends not turning it on.
There is a deprecation log page that shows the plugins responsible for the warnings. After updating a plugin the publisher can clear the old log and resume browsing again to see if the Enable jQuery Migrate plugin detect additional issues.
“With the above in mind, the Enable jQuery Migrate Helper plugin was updated for the release of WordPress 5.6, this provides a temporary downgrade path to run legacy jQuery on a site when needed.
The reason this is considered a temporary solution, is that the older version of jQuery no longer receives security updates, and the legacy version will not be patched manually if anything should occur that warrants updates to it.”
WordPress 5.6 is shipping with their first version of WordPress that is (somewhat) PHP 8 compatible, the newest version of PHP that was released in November. However, this compatibility is meant to be regarded as beta compatible.
Because the WordPress PHP 8 compatibility news manages to be both good and less than good news it ends up being… meh.
As noted in the official guidance of WordPress 5.6 and PHP 8 Compatibility:
“WordPress Core aims to be compatible with PHP 8.0 in the 5.6 release (currently scheduled for December 8, 2020).
…Significant effort has been put towards making WordPress 5.6 compatible with PHP 8 on its own, but it is very likely that there are still undiscovered issues remaining.”
Publishers should test first before upgrading their version of PHP because themes and plugins at this point in time will very likely not be ready for PHP 8.
That’s why WordPress’ announcement framed PHP 8 compatibility as one of the first steps, because of potential compatibility bugs and because themes and plugins may not be compatible yet.
According to WordPress:
“5.6 marks the first steps toward WordPress Core support for PHP 8.”
One of the new features in version 5.6 that the WordPress team are rightfully proud of also contains a potential downside to it that if fully exploited could lead to a full site takeover.
WP 5.6 introduces the REST API authentication with Application Passwords Feature
The App Passwords Feature allows third party apps to connect to your website and add functionality.
“Thanks to the API’s new Application Passwords authorization feature, third-party apps can connect to your site seamlessly and securely. This new REST API feature lets you see what apps are connecting to your site and control what they do. “
However, according to WordPress security plugin publisher Wordfence, a social engineering attack could be used against a site administrator to obtain administrator credentials.
Social engineering is a hacking method that relies on tricking into providing information or access.
For example, Phishing is a form of social engineering where an attacker may email a victim posing as their bank, requesting that they reset their login credentials.
A link in the email leads to a copycat site that resembles a bank website where the victim enters their user name and password which is then harvested to obtain access to their banking account.
Wordfence describes a social engineering attack where a criminal could create an app that impersonates a trusted App, leading the site publisher to issue a password and allow a secure connection to their website. Wordfence describes the complexity of this attack as “trivial.”
According to Wordfence:
“An attacker could trick a site owner into clicking a link requesting an application password, naming their malicious application whatever they wanted…
Since application passwords function with the permissions of the user that generated them, an attacker could use this to gain control of a website.”
Wordfence produced a video describing and demonstrating the potential for a social engineering attack compromising the new Application Passwords Feature:
Wordfence Description of WordPress Application Passwords Feature Vulnerability to Social Engineering
WordPress 5.6 Overview
WordPress 5.6 is largely a success. There’s much that is so right with it. While it’s not a major advance it does have incremental improvements into site design functionality and improvements to functionality.
That this release manages to avoid the drama of the last two release makes this update a win considering there’s still a few weeks left in 2020.
WordPress 5.6 Warnings, Announcements and Documentation
WordPress 5.6 Introduces a New Risk to Your Site: What to Do
Google December Product Reviews Update Affects More Than English Language Sites? via @sejournal, @martinibuster
Google’s Product Reviews update was announced to be rolling out to the English language. No mention was made as to if or when it would roll out to other languages. Mueller answered a question as to whether it is rolling out to other languages.
Google December 2021 Product Reviews Update
On December 1, 2021, Google announced on Twitter that a Product Review update would be rolling out that would focus on English language web pages.
Our December 2021 product reviews update is now rolling out for English-language pages. It will take about three weeks to complete. We have also extended our advice for product review creators: https://t.co/N4rjJWoaqE
— Google Search Central (@googlesearchc) December 1, 2021
The focus of the update was for improving the quality of reviews shown in Google search, specifically targeting review sites.
A Googler tweeted a description of the kinds of sites that would be targeted for demotion in the search rankings:
“Mainly relevant to sites that post articles reviewing products.
Think of sites like “best TVs under $200″.com.
Goal is to improve the quality and usefulness of reviews we show users.”
Continue Reading Below
Google also published a blog post with more guidance on the product review update that introduced two new best practices that Google’s algorithm would be looking for.
The first best practice was a requirement of evidence that a product was actually handled and reviewed.
The second best practice was to provide links to more than one place that a user could purchase the product.
The Twitter announcement stated that it was rolling out to English language websites. The blog post did not mention what languages it was rolling out to nor did the blog post specify that the product review update was limited to the English language.
Google’s Mueller Thinking About Product Reviews Update
Product Review Update Targets More Languages?
The person asking the question was rightly under the impression that the product review update only affected English language search results.
Continue Reading Below
But he asserted that he was seeing search volatility in the German language that appears to be related to Google’s December 2021 Product Review Update.
This is his question:
“I was seeing some movements in German search as well.
So I was wondering if there could also be an effect on websites in other languages by this product reviews update… because we had lots of movement and volatility in the last weeks.
…My question is, is it possible that the product reviews update affects other sites as well?”
John Mueller answered:
“I don’t know… like other languages?
My assumption was this was global and and across all languages.
But I don’t know what we announced in the blog post specifically.
But usually we try to push the engineering team to make a decision on that so that we can document it properly in the blog post.
I don’t know if that happened with the product reviews update. I don’t recall the complete blog post.
But it’s… from my point of view it seems like something that we could be doing in multiple languages and wouldn’t be tied to English.
And even if it were English initially, it feels like something that is relevant across the board, and we should try to find ways to roll that out to other languages over time as well.
So I’m not particularly surprised that you see changes in Germany.
But I also don’t know what we actually announced with regards to the locations and languages that are involved.”
Does Product Reviews Update Affect More Languages?
While the tweeted announcement specified that the product reviews update was limited to the English language the official blog post did not mention any such limitations.
Google’s John Mueller offered his opinion that the product reviews update is something that Google could do in multiple languages.
One must wonder if the tweet was meant to communicate that the update was rolling out first in English and subsequently to other languages.
It’s unclear if the product reviews update was rolled out globally to more languages. Hopefully Google will clarify this soon.
Google Blog Post About Product Reviews Update
Google’s New Product Reviews Guidelines
John Mueller Discusses If Product Reviews Update Is Global
Watch Mueller answer the question at the 14:00 Minute Mark
This Is Why No One Uses Your Content [Rose-Colored Glasses]
6 Things I Love About Zapier’s SEO Strategy: A Case Study
Twitter Launches Election Integrity Features Ahead of US Midterms
Google Testing Search Refinements In Autocomplete For Desktop
LinkedIn tests New ‘Discover’ Feed, New Groups Elements in Order to Enhance Engagement
Snapchat Shares New Data on its Unique Audience Reach, and Why That’s of Value for Brands
Google Search Console Discover Performance Report Logging Issue On July 26
Rumbleverse is Available Today for Xbox
Google Algorithms And Updates Focusing On User Experience: A Timeline
Google Outlines New Algorithm Improvements to Improve the Accuracy of its Displayed Search Results
15 Excel Formulas, Keyboard Shortcuts & Tricks That’ll Save You Lots of Time
Being In Close Contact With Google Doesn’t Benefit You
A Comprehensive Guide to Local SEO in 2022
5 Ways To Check If Google Analytics Is Working
How Do Enterprise & SaaS Marketing Software Solutions Differ?
Top 7 Ecommerce Podcasts You Should Listen to in 2022
The Ultimate Guide to Google Ads [Examples]
Google Testing More List View Top Stories With News Taking Over Web Results
Main Advantages Of LED Lights You Should Definitely Know About
Spreadsheets remain critical for marketers