As we kick off the 22nd year of WordPress, I’m not sure that there’s ever been this much uproar in the community since the Capital_P_Dangit incident back in 2009. While many people are anxious about the ongoing #wpdrama, it’s good to take a step back and remember that it didn’t start until late September.
I bring that up to make a point: there were almost ten months of exciting things happening in WordPress before Matt fired shots at WP Engine. This one event is overshadowing the rest of what went on last year. In an effort to provide some counterbalance, I present to you a recap of what happened in the world of WordPress throughout 2024.
Let’s dive in! 🤿
WordPress releases in 2024 👀
In 2024, WordPress released three new major versions:
- WordPress 6.5 “Regina”
- WordPress 6.6 “Dorsey”
- WordPress 6.7 “Rollins”
In addition, there were 11 minor release updates, for a total of 14 releases.
Technical highlights 👨‍💻
WordPress began last year with a very athletic 6.5 “Regina” release. I deliberately chose that adjective because the improvements over 6.4 could best be compared to Olympic racing – the Post Editor and Site Editor became twice as fast, while input processing became up to five times faster. And for international users, translated sites loaded up to 25% faster. On a non-athletic-but-still-appreciated note, AVIF image support was added. 1
The introduction of the Font Library system increased the depth of the WordPress design bench to the tune of 288 pages worth of new fonts – courtesy of the new Google Fonts integration inside the Full Site Editor. This was a massive win for not only WordPress, but block themes specifically.
This democratization of design continued through the 6.6 “Dorsey” release. We got the ability to create color sets and font sets and then pair them in combinations across one theme. Another big win was that you could now make content changes in each instance of a synced pattern while maintaining a consistent style across them. These changes could be applied to Heading, Paragraph, Button, and Image blocks inside of synced patterns.
Dorsey also introduced the automatic rollback feature for failed plugin auto-updates – something I personally appreciated. 2
By November, WordPress 6.7 “Rollins” arrived, which included the launching of the annual WordPress theme – in this case Twenty Twenty-Five. HEIC image support was also introduced and lots more design controls were added – particularly for border controls across a wide array of block types. 3
Fun stats about the new releases and other WordPress things in 2024 📜
The WordPress development team hit some impressive numbers with each release. Let’s look at what
Overall, between the three major releases, there were more than 4,740 enhancements and fixes across all areas of WordPress.
01. Contributors and community
- A vibrant community of 800-1000 unique contributors powered WordPress development in 2024
- Over 530 first-time contributors joined the WordPress family
- Contributors represented 57+ countries
- Community engagement peaked with 780 contributors for the 6.7 release
02. WordPress Core milestones
- 949+ combined Core tickets processed
- 294 enhancements and feature requests implemented
- 587+ bug fixes deployed
03. Block editor gains
- 1,210 total enhancements
- 1,441 bug fixes
- 166 accessibility improvements
04. Themes
From the first day of January to the last day of December, the WordPress repository saw more than 1,325 themes added to it.
In his State of the Word 2024 address, Matt Mullenweg claimed it was more than 1,700 – which may very well be possible. The WordPress repository stopped publishing the exact number so now it only says “over 13,000” versus at the start of the year, when it said “11,675.”
05. Plugins
For plugins, the net gain was not quite as large as it was for themes.
At the start of the year, the repository had 59,481 plugins available. On the last day, it showed “over 59,000” plugins available, which means that the total amount hadn’t broken through the 60,000 mark.
I did some digging to find out when the WordPress repository stopped publishing the exact number and it was on the 20th of May. To be more precise, that screen grab you see below with the 10:55:37 timestamp was the last time. It showed 59,778 plugins.
Then, starting with the 21:01:37 timestamp, WordPress switched to the rounding off format.
Therefore, if I were to make an estimate, I’d guess that probably somewhere in the realm of 300 to 400 plugins were added to the repository in 2024.
💡 Oh, and in case you were curious about the repository’s layout and color change, that happened on the 30th of April.
Security stories that made the news 🛡️
In terms of security, 2024 began in the shadow of a December 2023 vulnerability that spilled over into January. Attackers exploited a security flaw in the Popup Builder plugin, which allowed them to create unauthorized admin accounts through cross-site scripting. And with an admin account, they could take over an entire site. Both Sucuri and Wordfence became aware of the attack and helped protect their users against it. 4 5
By June, things escalated dramatically when a sophisticated supply chain attack targeted WordPress.org’s plugin repository, compromising five popular plugins including Social Warfare. 6 The attackers injected malicious code that could create unauthorized admin accounts (sound familiar?) and inject SEO spam. This supply chain attack pattern would prove to be a recurring nightmare, with three more plugins falling victim to it in October. 7
The summer months revealed vulnerabilities in some of WordPress’s heavyweight plugins. WPML, with over a million installations, disclosed a serious authentication bypass vulnerability in June. 8 In August, LiteSpeed Cache (a plugin with over five million users) patched a critical privilege escalation vulnerability that could allow complete site takeovers. 9
But October proved to be the most overwhelming month for WordPress security. Multiple high-profile incidents made headlines:
- Over 6,000 sites fell victim to an infostealer attack through more than 20 compromised plugins. 10
- Jetpack, one of WordPress’s most popular plugins, discovered a critical vulnerability affecting versions dating back to 2016. Luckily, there was no evidence that it had been exploited. 11
- WPForms revealed an issue that affected over six million sites and could have led to unauthorized payment refunds if it hadn’t been caught. 12
- Really Simple Security’s authentication bypass vulnerability put over four million sites at risk. 13
Overall, it was clear that throughout 2024 WordPress Core maintained its Fort Knox status while plugins continued to be the main avenue for opportunistic agents to penetrate WordPress (or attempt to). I don’t see this changing in 2025.
The WordPress security team and security vendors reacted swiftly to these challenges. Wordfence’s threat intelligence team took point on several incidents by providing crucial firewall protection for millions of sites and working closely with plugin developers to patch vulnerabilities.
The WordPress.org team also implemented stronger security measures, including mandatory two-factor authentication for plugin and theme authors. 14
And finally, developers themselves beefed up their security protocols and release confirmation systems.
Most importantly, handling all of these various challenges really showed how the WordPress community can rally together to get things done when needed.
Business power moves and market evolution 💸
2024 saw WordPress evolve through a series of strategic acquisitions and consolidations, with many of the familiar big-name players leading the way.
Syed Balkhi of Awesome Motive continued with his aggressive expansion strategy. In February, under his Growth Fund umbrella, he acquired Beacon (a lead magnet creation platform) and brought it under the OptinMonster brand. 15
Syed’s shopping spree continued in April, with AccessAlly joining his portfolio company Caseproof (which already included MemberPress and Pretty Links). This further consolidated his position in the membership platform market. 16
June brought interesting developments to the Contact Form 7 ecosystem, with our acquisition of a sister product related to the main plugin. The Redirection for Contact Form 7 plugin automates post-submission workflow management, solving common pain points for form users. It’s been a valuable addition to our existing plugin offerings and we’re excited to continue working on it in 2025. 17
The following month, WP Engine made waves by acquiring NitroPack, bringing advanced site speed optimization tools to over 219,000 websites. 18 WP Engine’s move signaled a growing emphasis on Core Web Vitals and user experience in the WordPress hosting space.
Also in July, Syed acquired BuddyBoss, a move that strengthened his presence in the community and learning platform space. 19
As the year drew to a close, companies were still strategically expanding their plugin portfolios – that included us. In November, we purchased the WP Full Pay plugin and swiftly integrated it into our plugin family. We thought it was a strong alternative to WP Simple Pay and we are going to enhance its functionality even further this year.
To wrap up 2024, in early December, Automattic made perhaps the year’s most forward-looking move by acquiring WPAI. 20 Known for its AI-powered WordPress tools like CodeWP and AgentWP, WPAI’s consolidation into the Automattic brand signaled both a strategic business decision and an acknowledgment of AI’s growing importance in the WordPress ecosystem.
Mergers and acquisitions were the overall theme of the year and I imagine that won’t change much this year either.
WordCamps, meetups, and the post-pandemic bounce back 🫱🏻‍🫲🏽
A big highlight from 2024 was the triumphant return of WordPress’s vibrant community events. With over 75 WordCamps spanning six continents, 21 from Nepal in January to Delhi in December, the WordPress community finally got back to what it does best – connecting face-to-face and building together.
The sun rises in the east and the first major continental meetup of 2024 was also in the east. In Taipei to be more specific. In March, WordCamp Asia transformed Taiwan’s capital city into a WordPress hub, drawing enthusiasts from across the continent.
As the summer began, WordCamp Europe took center stage in June, bringing over 2,500 participants from more than 70 countries to Torino, Italy.
I was one of them and the energy was electric.
726 contributors tackled projects across 25 teams during Contributor Day (and somehow managed to translate 79,059 strings into 29 languages…) Talk about productivity!
The next big event saw WordCamp jumping back across the Atlantic to Ottawa, Canada in July, followed by the even bigger WordCamp US in Portland, which took place in September.
WCUS showcased some exciting changes with an expanded four-day format and the introduction of “Showcase Day,” giving us a peek behind the curtain at how organizations like Disney and The New York Post are pushing WordPress to its limits.
With over 400 contributors and more than 40 sponsors in attendance, it felt like the WordPress community was hitting its stride again.
Sure, WordPress gatherings might look a bit different these days, but the heart of what makes them special – learning, sharing, and building together – is beating stronger than ever.
The road ahead: uncertainty and opportunity 🔮
As we kick off 2025, the WordPress community finds itself at a critical juncture. Matt’s December 20th announcement of WordPress.org’s partial shutdown 22 left many people feeling uneasy.
Although the “holiday break” has since been lifted, 23 the impact extended beyond just the temporary disruption. Many are still feeling uneasy about the state of WordPress at the moment, but despite the mood, one thing remains clear: WordPress’s greatest strength has always been its community.
Regardless of what lies ahead, the platform’s future will be shaped not by any single event or decision, but by the collective actions of the millions of developers, designers, and users who rely on it daily. The technical innovations, security improvements, and business developments of 2024 prove that even in tumultuous times, WordPress will continue to evolve and adapt. And I’m going to be here for all of it – as I’m sure you will too.
What are your favorite WordPress moments from last year? And how are you feeling about the state of things? Let me know in the comments and let’s chat about it.
Updated on:
January 8, 2025