WordPress / WooCommerce

🔄 WordPress & WooCommerce Core Updates – October 2025


🧱 WordPress 6.8.3 (Security Release)

  • Fixes two core vulnerabilities affecting plugin/theme access control
  • Recommended for all sites to patch immediately
  • Security audit checklist includes:
  • Updating plugins like All in One SEO, Post SMTP, and StoreKeeper for WooCommerce
  • Reviewing low-privilege user roles
  • Scanning for unauthorized uploads and modified core files

🛒 WooCommerce 10.3 (Scheduled Release: October 21, 2025)

  • Cost of Goods Sold (COGS) added to core for profit margin tracking
  • Address Autocomplete for checkout blocks (requires address provider)
  • PayPal Orders v2 API replaces legacy WPS, with Express Checkout buttons (PayPal, Venmo, Pay Later)
  • Product Collection Editor performance improvements
  • Experimental Features:
    • Add to Cart + Options block
    • WooCommerce MCP protocol for AI assistant integration
    • Clearing of empty sessions for better caching
  • Advisories:
    • Coupon discount recalculation reverted
    • Decimal format changes coming in 10.4

🧩 Shopware Core Updates – October 2025 | 🔧 Shopware 6.7.3.0 (Released October 6, 2025)

  • Stability and performance improvements across backend modules
  • Enhanced compatibility with TWINT payment integration
  • Security patch for media visibility restriction bypass released in 6.7.3.1
  • Prevents low-privilege users from accessing private media via aggregation API
  • Recommended update for stores handling sensitive customer documents

WordPress 6.8.2 had the following significant enhancements:

  • Patch includes 20 Core fixes and 15 Gutenberg Block Editor fixes
  • Ideal for improving stability—if your site supports automatic updates, it should upgrade itself; otherwise, head to Dashboard → Updates to apply manually .
  • Stronger password security: bcrypt hashing replaces older algorithms.
  • Over 100 accessibility fixes plus small editor and performance enhancements

The major release, WordPress 6.8 called Cecil, introduced on April 15, 2025, brought significant enhancements:

  • Style Book improvements: cleaner interface and better theme compatibility.
  • Speculative loading: preloads pages to make navigation feel snappier.
  • Stronger password security: bcrypt hashing replaces older algorithms.
  • Over 100 accessibility fixes plus small editor and performance enhancements.
  • For a comprehensive overview of all releases and to download the latest version, you can visit the official WordPress release archive.
  • To stay informed about future updates and features, consider following the official WordPress blog.
  • Regularly updating your WordPress installation ensures access to the latest features, security updates, and performance improvements.

End of Security Support for WordPress 4.1–4.6 (July 2025)

  • As of July 2025, WordPress officially stopped issuing security updates for long-outdated 4.1–4.6 branches
  • These versions now carry high security risk, and though they represent less than 1% of active installations, any remaining sites running them should upgrade immediately