Podcast: Play in new window | Download | Embed
Subscribe to WPPlugins A to Z on Apple Podcasts | Podcast Index | Email | RSS
Good morning, good afternoon, good evening, wherever you happen to be hiding out there on the globe today! Coming to you LIVE from …
We’ve got a couple of great in-depth plugins to cover for you, with a plugin that helps with logging, monitoring and auditing for WordPress, and a Plugin that makes tweaking things for comfort in your backend easier!
And of course we’ve also got some recent news in both the WordPress World and the Tech World in general with additional WordPress Tips!
So it appears that we are getting a true fall season this year around here with the torrential rains, people coming to visit and just sorta looking confused at the falling rivers around them as the rest of Canada gets the first snows! Remember to keep warm whether its frosts, sky rivers flowing, or just some frost!
A few reminders before we start the show today….
Reminders:
- Join us here in person every Monday at 12:15 pm Pacific Time to enjoy our show!
- Show notes are added to wppluginsatoz.com within 24 hours of the show airing; you can find them either on the home page, or in the Podcast Vaults!
- This is a value for value show dear listeners, help us get some loven’ by hitting some like buttons, sharing an episode or two, or just turn our show on really loudly. We will catch somebodies attention!
If you stick around until the end, you will have a chance to hear some good questions – sometimes meant for the greenies, sometimes meant for the very experienced – and sometimes the questions are just completely random. Stick around and have a listen, might help! Or at least entertain!
(Don’t feel shy about sending in a message just to say hi! Send along suggestions, questions, recommendations, news, art – we always love to hear from our listeners!)
Let’s start the show with this weeks Featured Artist:
Artist:
Who is our artist today?!?
Today is…. Grok! He appears to be coming back to himself after the most recent lobotomy!
We would love some new art from our Producers out there! If you are so inclined, you can send it into us at amber@wppro.ca or john@wppro.ca. If you need some inspiration, you can always go to our site wppluginsatoz.com and check out our Art Vaults – you will find the link for it on the left hand menu.
We can NEVER have too much art!
Breaking News in the WordPress World at large!!
If you have anything you think should be added please send it into me at amber@wppro.ca!
News this week:
WordPress Vulnerability Report
(https://solidwp.com/blog/wordpress-vulnerability-report-october-8-2025) – In this report there are 99 vulnerabilities. 87 are plugins this week, with 2 Themes.
Plugins: 31 patched, 66 left to go!
Themes: 1 patched, 1 left to go!
WordPress Vulnerability Report from PatchStack
(https://patchstack.com/database/) – These guys always have the latest information on what is going on regarding the latest in vulnerabilities.
WordPress 6.8.3 security release patches data exposure and XSS vulnerabilities
(https://www.therepository.email/wordpress-6-8-3-security-release-patches-data-exposure-and-xss-vulnerabilities) – Last show we did showed two vulnerabilities in the WordPress Core, this update appears to have resolved those issues fully which is fantastic – this was released on October 1st, so if you have not already updated it is highly recommended that you do so now. The issues revolved around data exposure where authenticated users could access some restricted content, and a cross-site scripting (XSS) vulnerability that was affecting navigation menus. To learn more be sure to follow the link in the show notes!
Google quietly signals NotebookLM ignores Robots.txt (https://www.searchenginejournal.com/google-quietly-signals-notebooklm-ignores-robots-txt/558067) – This is something important to be aware of – Google’s recent update has updated its list of user-triggered fetchers with new documentation for Google NotebookLM, making it possible for Google NotebookLM to not obey robots.txt. As this is an AI research and writing tool that makes it possible for users to add a web page URL, this will allow them to use URL’s that publishers have set to ‘block’ to protect content on their site.
This article offers a way to work around this by adding a rule into your .htaccess file – definitely worth adding to your arsenal.
The WP World launches AI-powered multilingual messaging for the WordPress Community
(https://www.therepository.email/the-wp-world-launches-ai-powered-multilingual-messaging-for-the-wordpress-community) – The WP World now has a way for WordPressers from around the world to connect in such a way as different languages are no longer a barrier! Using AI to translate in real time, people are able to collaborate in real time with people from all over speaking all the languages but being able to understand one another.
I have noticed in games this has become more popular, though in the games the translation is sometimes… quite off. Hopefully that will not be the case here, although so far so good!
This is an important aspect to regognize as there are other companies that are beginning to do this as well. Woo Commerce is bringing in AI with their MCP support and integration, and other companies are bringing this in. As I mentioned I have seen this ability to translate in quite a few games I have checked out now – just click the ‘translate’ button!
This is larger then it seems, making it possible for everyone no matter their first language, to be able to communicate and collaborate, and is aboslutely something to pay attention to – the more normalized it becomes for things like an AI translator, the more normalized it will be to have AI in every other aspect of online life.
Woo outlines AI plans: MCP support and integration with Stripe’s agentic commerce protocol
(https://www.therepository.email/woo-outlines-ai-plans-mcp-support-and-integration-with-stripes-agentic-commerce-protocol) – Woo shared some early details on their AI space they have been working on – they are working towards having AI assistants that don’t just query store data but complete tasks like reordering products or recommending gifts without shoppers visiting a site. For merchants assistants could one day update store data or surface insights without having to log in. This is something to be aware of – this can and likely will change shopping behaviour online, and we are not entirely sure how.
WordPress.com rolls out MCP support as Automattic dogfoods MCP adaptor
(https://www.therepository.email/wordpress-com-rolls-out-mcp-support-as-automattic-dogfoods-mcp-adapter) – This is another AI integration article, where WordPress.com is allowing AI tools to connect directly to sites through a secure, standardized interface. The goal is to have “no more dashboard diving”, allowing AI tools like Claude or VS Code assistants query site content, comments, and settings. For now, access is read-only, with write actions expected in a future release.
Many companies are integrating AI into their core, allowing the AI to have access, and making it possible for AI to change things – I personally think that this is rather risky at this point as AI is not absolutely and fully secure as of yet, although I do see the positives of doing this. Keeping things as ‘read-only’ is a good start, though again I see this being normalized and I see problems down the road if we begin to rely too heavily on AI for things. By not ‘Dashboard Diving’ it is entirely possible that critical things will be missed – there is just so much information that human eyes need to see in order to interpret, to set off our instinct and send us off in one direction or another to check out a ‘hunch’ that has developed after seeing a series of plugins, choices in colours of the dashboard can sometimes help set of an instinctual reaction based on previous experience kind of thing.
I think we will lose our edge if we stop doing the tedious work.
I’m in Vibe Coding Hell
(https://blog.boot.dev/education/vibe-coding-hell) – This is an article that is written from the perspective someone who teaches coding. Lane Wagner talks about ‘tutorial hell’ – which I have definitely been there myself! – and then compares that todays Vibe code hell.
Vibe code hell is due to students leaning so heavily on AI – good example is ‘why did Claude need to add 6,379 lines to make my images lazy-load?’
He mentions how he himself uses AI tools every day, most of us do! but “…there is this AI craze (bubble) going on out there that is creating an entire generation of would-be educated workers that are adopting an attitude of ‘why learn anything? Ai knows it all’.” This is causing issues today. People are not incapable, they are just not learning things all the way because they have AI to do it for them – even though AI is FAR from totally capable!
Really a fantastic article and worth taking the time to read through thoroughly.
(Go visit WP Shout Comics OR Word Chronicles OR MonkeyUser.com for a fantastic brain break – my favourite today is this one!)
Some Extras – check out our Facebook or Twitter!
WP Engine accuses Automattic and Matt Mullenweg of concealing control of WordPress.org and the WordPress trademarks
(https://www.therepository.email/wp-engine-accuses-automattic-and-matt-mullenweg-of-concealing-control-of-wordpress-org-and-the-wordpress-trademarks)
What’s new for developers? October 2025
(https://developer.wordpress.org/news/2025/10/whats-new-for-developers-october-2025)
First ten hosts certified under Secure Hosting Alliance’s Trust Seal Program
(https://www.therepository.email/first-ten-hosts-certified-under-secure-hosting-alliances-trust-seal-program)
Ollie’s menu designer flagged for Core, with Automattic developers set to help shepherd it
(https://www.therepository.email/ollies-menu-designer-flagged-for-core-with-automattic-developers-set-to-help-shepherd-it)
WordPress Professional Survey Results from ‘theadminbar.com‘
(https://theadminbar.com/2024-survey)
Am I responsible for SEO when I’m building a client website?
(https://theadminbar.com/seo-weekly/am-i-responsible-for-seo-when-im-building-a-client-website)
Blocks galore, test template management, Woo product collections, and more – weekend editiion 343
(https://gutenbergtimes.com/blocks-galore-test-template-management-woo-product-collections-and-more-weekend-edition-343)
Mega Menus in core, WordPress 6.9 calls for testing, going from Elementor to Site Editor – weekend edition 344
(https://gutenbergtimes.com/mega-menus-in-core-wordpress-6-9-calls-for-testing-going-from-elementor-to-site-editor-weekend-edition-344)
Chasing the sun: inside WP accessibility daty’s 24-hour event & what to expect in 2025
(https://www.therepository.email/chasing-the-sun-inside-wp-accessibility-days-24-hour-event-what-to-expect-in-2025)
Woo outlines AI plans: MCP support and integration with Stripe’s agentic commerce protocol
(https://www.therepository.email/woo-outlines-ai-plans-mcp-support-and-integration-with-stripes-agentic-commerce-protocol)
Ollie’s Menu Designer lands on WordPress.org, praised as “game changer”
(https://www.therepository.email/ollies-menu-designer-lands-on-wordpress-org-praised-as-game-changer)
WordCamp Organizer banned for life after misappropriating funds
(https://www.therepository.email/wordcamp-organizer-banned-for-life-after-misappropriating-funds)
Fidélitas University hosts first WordPress Campus Connection in Latin America as credits program expands
(https://www.therepository.email/fidelitas-university-hosts-first-wordpress-campus-connect-in-latin-america-as-credits-program-expands)
Five takeaways from Matt Mullenweg’s crossword interview
(https://www.therepository.email/five-takeaways-from-matt-mullenwegs-crossword-interview)
How multicollab brings real-time collaboration to WordPress
(https://www.therepository.email/how-multicollab-brings-real-time-collaboration-to-wordpress)
WP Founders 1-10-2025 newsletter
(https://wpfounders.com/newsletter/1-10-2025)
Nomination now open for WordPress hosting team reps
(https://wp-content.co/wordpress-hosting-team-reps-2026-nominations)
WordPress 6.8.3 security update fixes data exposure and XSS vulnerabilities
(https://wp-content.co/wordpress-6-8-3-update-patches-data-exposure-xss)
Write the damn code
(https://antonz.org/write-code/)
Rogue’s Corner News and Extras
Be sure to go and check out the new and unique plugins now available from WPProAtoz.com!
Rogues Corner & Tip of the day
WordPress Items:
What if they changed the featuring of plugins in WP https://iconick.io/good-chaos/
He created a useful tool to surface plugins https://iconick.io/search/
https://x.com/sortaiconick/status/1973562696172970103
Nick has been a busy boy generating conversations https://iconick.io/extenders/ https://x.com/sortaiconick/status/1976644035751362672
Fluent Cart going live tomorrow
Please subscribe to the YouTube LIVE video, set an alarm, and make sure you grab a coffee at the launch party!
LIVE Launch Details:
- Date & Time: 14 Oct 2025, 01:30 PM (UTC)
- Live URL: https://www.youtube.com/watch?v=XCVXoSOi5gU
We can’t wait to celebrate this launch with you live. Let’s make it an unforgettable reveal. And yes, we will have an exclusive Lifetime deal for a short time. So don’t miss it!
WordPress Best Practices:
How to manipulate the WordPress plugin algritrym
https://iconick.io/why-your-wordpress-plugin-has-10-installs-and-how-to-fix-it/
Use this to help Nick Hamze (X Link) shared a free WordPress Readme Generator for visually creating perfect WordPress.org plugin readme files.
Privacy Stuff:
Termageeon privacy podcast https://termageddon.com/podcasts/
Some SEO info for the new LLMs.txt standard:
Seems that AIs are starting to use the llmls.txt https://llmstxt.ryanhoward.dev/
This thread is good https://x.com/forgebitz/status/1973291988167565816
Another thread the llms.txt https://x.com/CrystalontheWeb/status/1973453330874802429 is taking hold get the plugin you need here https://github.com/Ahkonsu/wpproatoz-llms-txt-for-wp
Tip of The Day:
Talk about us WPProAtoZ.com as an agency and what we do.
A new podcast https://podcastindex.org/podcast/7474494 UnCached WP Raw.
Are you creating a WordPress plugin use this tool to easy create and format your readme.txt file https://iconick.io/readme/
Learn some SQL basics https://www.freecodecamp.org/news/sql-and-databases-full-course/ from Nat https://x.com/natmiletic/status/1974171942539448704
New anti spam plugin from Alan at Fullworks https://x.com/alanefuller
https://wordpress.org/plugins/fullworks-anti-spam/
The Week’s WordPress Problem and solution:
Is the WordPress plugin ecosystem becoming too bloated — the old too many plugins trope
https://www.reddit.com/r/Wordpress/comments/1o26lc4/is_the_wordpress_plugin_ecosystem_becoming_too/
Pet Peeve This Week:
Morons who reach out claiming to listen to the show and then suggest a guest who has nothing to do with WordPress in the slightest. Then on top of that we tell people you want to be on the show go here to to this link wppro.ca/book here is sample from the email:
“I’ve been listening to your show, and I thought of a guest who would be a strong fit for your audience.
RANDOM Founder and CEO of Random company Inc., a MedTech and AI company developing advanced diagnostic technology and secure digital health platforms that combine hardware innovation, cloud infrastructure, and AI-driven analytics for real-time health insights.”
And bla bla bla, I delete these emails and 3 days later I get another hey did you see the email with the great guest proposal.. Morons plus the email is so unprofessional no contact info no way to verify them ect
Upcoming Interviews:
Reminder that we have more interviews coming up in the coming weeks with more developers and community members. https://wppluginsatoz.com/book-an-interview-on-wp-plugins-a-to-z-podcast/
Dragon Rating Time with John!
John’s Plugin
Activity Log Pro – Event Logger, Activity Monitor & Audit Log for WordPress
https://wordpress.org/plugins/activity-log-pro/
The Lowdown:
Activity Log Pro gives you a complete audit trail of everything happening on your WordPress site. See who logged in, what content changed, exactly when it happened, which plugins were updated and any suspicious activity – all in one place.
Perfect for businesses, e-commerce stores, agencies, and multi-user sites that need visibility into who did what, when, and where. Whether you’re troubleshooting issues, staying compliant, or monitoring for security threats, Activity Log Pro makes it easy to keep your site secure and transparent.
I am testing a new feature that Darron sent me and will report back on it.
Rating 5 Dragons
WordPress Tips
We would love to hear some tid bit tips from some of our producers out there – what did you figure out by breaking something? Or what did you need to learn in order to help someone? You can send these tid bits into me at amber@wppro.ca
My tip to you today…
Don’t Touch It!
What I mean by this is that sometimes, that precariously balanced triangle of oddball items that is somehow holding up the entire vehicle is just working, so don’t touch it!
Throughout my time in this world of internets, development, and all that comes with it, even I myself have had the experience of the magic wand, where there is something seriously wrong and you go to check it out, you’re not sure what you clicked, but now that seriously wrong thing is perfectly fine!
Once it is working, you just don’t touch it. You leave it alone and accept that it is working.
Sometimes this works and sometimes it is just the calm before the storm – but I have found so far that if something is suddenly working, don’t question it too hard and just don’t touch it.
There was one time when I wanted to know why, wanted to know ‘what did I do to fix it?’
And I wound up breaking the entire thing to such an extent that I had to restart the sandbox.
How? I have no clue – what did I do? No idea.
I theorize that the AI Gods were upset that I dared to question their boon – so when things just work, don’t question it, and don’t even think about it too hard,
just accept it and move on!
Dragon Rating Time with Amber!
Amber’s Plugin
TweakMaster
https://wordpress.org/plugins/tweakmaster
The Lowdown:
This is one of those plugin’s that caught my attention by the name, and drew me in with the possibilities!
Once you download and activate it, you can either click on ‘Settings’ right there under the plugin on the plugin page, or you can go to ‘Settings’->’TweakMaster’.
On this settings page, you have the tabs across the top: ‘General’, ‘Privacy’, ‘Media’, ‘Revisions’, ‘Security’, ‘Performance’, ‘Plugins’, ‘Tools’.
‘General’: you can remove string queries ?ver=1.2.3 from all styles and scripts. You can ‘Disallow File Edits’, change your Admin Bar Gretting, enable Font uploads, Change your scroll progress colour right there! Remove Admin Bare WordPress Logo, Disable Success Update Emails – and so much more! There are just too many options here for me to write them all out so be sure to have a look through yourself!
‘Privacy’: As WordPress sends ‘WordPress/6.8.3; https://’yoursitehere.com” to every site it makes a call to, TweakMaster offs you an option to empty the field, pretend to ‘Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36’ or something else if you choose – although leaving it as ‘default’ will not change anything.
You can also remove the EXIF data from uploaded images which can be very useful!
‘Media’: This offers the ability to convert jpeg’s to avif’s, compress those and Webp’s, and allows you to sanitize media filenames to remove non-Latin special characters and accents!
‘Revisions’: This allows you to create a limit on revisions for posts, pages, Custom CSS, patterns, templates, template parts, global styles, navigation menus – or just all in one option.
‘Security’: You can disable XML-RPC, allowing Jetpack IPs, or remove WP version from html head.
‘Performance’: You can migrate Dequeue jQuery from the jQuery script dependencies on the fronted, use Script Optimizer, and enable relative URLs.
‘Plugins’: You can disable forms, contact, and enable Jetpack offline mode.
‘Tools’: You can enable ‘maintenance mode’ and ‘duplicate post’ here.
I love that there are explanations under things like ‘Dequeue jQuery Migrate’ explaining in basic language what it is and how it works. This makes it easier to figure out what settings to bother with and which ones to just leave alone.
I found this plugin very easy to understand, easy to work with, and fun to test out! appears to play well with others and does not slow down my damaged site at all – which means that this is actually a light weight TweakMaster like it claims to be!
I highly recommend you test this one out for yourself.
Rating: 5 Dragon
Miscellaneous Announcements from all:
Have an announcement like a meetup, or to announce you’ll be on stage at a WordCamp? Let us know and we will add it here and help get your news out to the world!
WordPress Campus Connect Ajmer – August 23 – November 15
WordPress Campus Connect Kolhapur, India – September 13 – October 11
WordPress Campus Connect Udupi 2025 – September 20 – November 22
WordPress Campus Connect Jinja, Eastern Region, Uganda – October 1 – November 30
WordPress Campus Connect Kishoreganj, Bangledesh – October 13
To see the entire list you can follow the link here in the show notes, then click on ‘More WordCamps’ right below the list of the next 5. https://central.wordcamp.org/
If you are interested in finding a WordPress Meetup somewhere around the world you can go check out the places here: https://www.meetup.com/pro/wordpress/
Keep checking back every week to find out what else is going on!
Donations from across the galaxy!
Producership Credits are a thing that do actually exist – we offer them up to those who donate through Time, Talent or Treasure. You can use these credits to boost up your resume, add to your LinkedIn file, so on and so forth!
Even if you are not interested in receiving a Producership Credit, check out how you can use us as your own stepping ladder in the world of the internets – get yourself an interview, get us to make your announcement for you, let the world know you have something to say or a company worth checking out!
Have a look through our site wppluginsatoz.com. Check out the Time, Talent and Treasure pages.
Today’s Plugins we covered were:
John’s Plugin:
Activity Log Pro – Event Logger, Activity Monitor & Audit Log for WordPress By Activity Log Pro
- Complete Core Activity Tracking
- Advanced Plugin Integrations
- Free Professional Features
Rating: 5 Dragons
Amber’s Plugin:
TweakMaster By Nico
- Easy & Free to use
- Disables and can remove various features easily
- Can do image compressions
Rating: 5 Dragon
How to reach us:
Feel like sending us something through the snail mail system? You can do that thanks to our brick and mortar address that we provide for you!
You can also reach us the more common way of the internets – have both of our internets available down below for ya!
Brick & Mortar Address
WP Plugins A to Z
C/O John Overall
20-754 E Fairview Rd.
Victoria, BC V9A 5T9
Canada
Internets Addresses
John:
- My website:http://www.johnoverall.com/
- WordPress Emergency Support:http://wppro.ca/wpemergency
- email:john@wppro.ca
Amber:
- email: amber@wppro.ca
Q & A Time with Amber – Catch this info on our YouTube Channel
If you have questions you would like to have asked on the show, send them in to me atAmber@WPPro.ca – we may never stump my dad, but we can get some good conversation out of him at least!
- HTML and CSS is rather important to at least be able to read through. What about python, or jQuery – or is there another language people should learn to at least read?
- Is being able to comprehend what you are reading when looking through code good enough to do your job well do you think – or do you think you need to be able to write it too?
Questions asked after closing credits:
- What are Git logs, and should someone new to coding learn to read them? How much coding knowledge do you need in order to understand them, and is it a good place to start do you think?
- Do you think someone who only knows how to read code, not write it, still help with open-source projects or work with other coders? How?