In a month marked by significant business moves, crucial software updates, and a major security scare, the WordPress ecosystem demonstrated its characteristic dynamism throughout February 2022.
While the community was still exploring the transformative features of WordPress 5.9 “Joséphine” released in January, the platform continued its relentless pace of evolution with a flurry of acquisitions, essential core maintenance, and critical vulnerability patches that kept developers and site owners on their toes.
Ecosystem in Motion: A Flurry of February Acquisitions
February 2022 was a hot month for mergers and acquisitions, reflecting a broader trend of consolidation and strategic positioning within the WordPress market. Five notable acquisitions took place, each telling a different story about the growth and maturation of the ecosystem.
WPExperts Acquires Post SMTP (February 28)
In a significant move, development agency WPExperts acquired the popular Post SMTP plugin from its founder, Yehuda Hassine. With over 300,000 active installations, the plugin is vital for ensuring reliable email delivery from WordPress sites.
The acquisition was WPExperts’ second of the year, signaling a clear strategy to build out its portfolio of WordPress products. The agency announced it would continue to offer the plugin for free while investing in feature enhancements and improved support.
Strattic Acquires WP2Static (February 24)
Underscoring the growing interest in headless and static site generation, WordPress hosting company Strattic acquired the WP2Static plugin. WP2Static is an open-source tool for generating a static version of a WordPress site. Its creator, Leon Stafford, had already worked with Strattic and will continue to maintain the plugin.
Strattic announced plans to relaunch WP2Static on the official WordPress.org repository to improve its accessibility and introduce more users to the benefits of static WordPress, positioning their hosting service as the next step for those needing a more managed solution.
Cornershop Creative Acquires Wired Impact Clients (February 21)
In a strategic move between two agencies dedicated to the nonprofit sector, Cornershop Creative acquired Wired Impact’s hosting, maintenance, and retainer clients.
This allowed Wired Impact to focus exclusively on its core nonprofit website platform, while Cornershop expanded its base of mission-driven clients, ensuring a seamless transition for over 30 nonprofit organizations.
TrustedLogin Acquires Two Community Plugins (February 21)
TrustedLogin, a service providing secure client site access, acquired the “Remove Dashboard Access” and “Support Me” plugins from longtime WordPress contributor Drew Jaynes.
As Jaynes prepared to move into the Web3 space, TrustedLogin stepped in to adopt the plugins, which are active on over 50,000 websites. The company confirmed it would maintain and support both as free plugins, as their functionality aligns with its mission of enhancing WordPress security.
Howard Development & Consulting Acquires MasterWP (February 9)
Rob Howard and his agency, Howard Development & Consulting, acquired the popular weekly newsletter MasterWP. The acquisition was a strategic play to build an audience for the agency’s other software products and services within WordPress.
Refining the Foundation: WordPress Core and Gutenberg Updates
Following the major release of WordPress 5.9, February was a month of refinement and forward planning for the core development team.
WordPress 5.9.1 Maintenance Release
On February 22, WordPress 5.9.1 was released. This maintenance update addressed 82 to 85 bugs in the core software and the block editor. Such short-cycle releases are critical for stabilizing the platform after a major version launch, and this update resolved several issues reported by the community, smoothing out the user experience with Full Site Editing.
Three New Versions of Gutenberg
The block editor’s rapid development continued in February, with three new versions of the Gutenberg plugin released, each packed with enhancements that would eventually be folded into WordPress core.
- Gutenberg 12.5 (February 2): This version introduced the ability to switch between global style variations provided by a theme, giving users more design flexibility.
- Gutenberg 12.6 (February 16): A feature-rich update, this version added a new Post Author Biography block and a Read More block. It also shipped with a revamped color panel in the editor sidebar and enhanced block transformations, making it easier to switch between related blocks like a Calendar and Archives block without losing customizations.
Gutenberg 12.7 (late February): This version, which arrived at the end of the month, focused on improving the pattern insertion experience and allowed theme authors to add border styles to column blocks, offering more granular design control.
Looking ahead, the core team also published the proposed release schedule for WordPress 6.0, targeting May 24, 2022, for the next major release.
On High Alert: A Critical Vulnerability Shakes the Ecosystem
Security was a major headline in February with the disclosure of a critical vulnerability in Essential Addons for Elementor, a plugin with over one million active installations. The flaw allowed unauthenticated users to perform a Local File Inclusion (LFI) attack, which could be leveraged to read sensitive server files or even achieve Remote Code Execution (RCE), potentially leading to a full site takeover.
Security researchers discovered the vulnerability in late January, and the plugin developers responded by releasing a series of patches. Users were strongly urged to update to version 5.0.5, with version 5.0.6 following shortly after to address additional data sanitization issues. The incident served as a stark reminder of the importance of timely updates.
The month also saw a steady stream of other security issues. For instance, the weekly vulnerability report from February 16 cataloged 133 new vulnerabilities across 119 plugins and 14 themes. Another report from February 23 added 167 new vulnerabilities to the list, highlighting the ongoing challenge of securing the vast and open WordPress ecosystem.
Community and Industry Insights
Beyond the major headlines, several other developments pointed to the platform’s future direction. The official WordPress News site was completely redesigned, going live on February 16, and now offers a more modern reading experience.
The WordPress Photo Directory also saw significant progress, officially getting its own “Make” team to guide its development. This came as the directory surpassed 10,000 free, CC0-licensed images, though contributors noted the need for better integration with the block editor to make the photos more easily accessible to users.
The core team also published a forward-looking proposal for managing plugin dependencies. This long-awaited feature would allow plugins to require other plugins to function, aiming to solve a common source of user frustration and site errors.
Plugin of the Month: Amelia Events & Appointments Booking Calendar
Among plugins, Amelia stood out for its robust functionality, enabling appointments and event bookings for WordPress sites. Updated for compatibility with WordPress 5.9.1, Amelia addressed the growing demand for service-based scheduling through a user-friendly interface. Small businesses, salons, gyms, and clinics benefited from its streamlined categorization, payment integration, and calendar management features, driving user and reviewer recommendations.
Agency of the Month: Seahawk Media
Seahawk Media rose to industry prominence with its full-service WordPress solutions. Renowned for uncompromising customer support, global strategic partnerships, and deep technical expertise, Seahawk offers everything from custom development and white-label solutions to advanced SEO and 24/7 security monitoring.
The agency’s growth, highlighted by partnerships with major web hosts such as HostArmada, positioned Seahawk as a one-stop shop for businesses requiring scalable, reliable WordPress services.
Host of the Month: HostArmada
HostArmada claimed the spotlight for WordPress hosting in February 2022. Their approach combined robust security, cPanel management, global data centers, and beginner-friendly features with competitive pricing.
With shared hosting beginning at $2.49/month, daily backups, and SSD storage, HostArmada offered a compelling platform for agencies and small businesses that prioritize speed, reliability, and 24/7 support. Their commitment to security and ease of use made them a top choice for new WordPress deployments and migrations.
Featured Founder: Yehuda Hassine
In a community built on open-source contributions, the story of Yehuda Hassine, the founder of Post SMTP, stands out. The original Postman SMTP plugin was abandoned due to an unfixed security flaw. Hassine, a plugin user, stepped up, fixed the vulnerability, forked the project, and rebranded it as Post SMTP.
Working as a “one-man army,” he single-handedly managed its development and support, growing it into a trusted tool with over 300,000 users before its acquisition by WPExperts. His dedication exemplifies the spirit of the WordPress community.
Looking Ahead to March
As February closed, the WordPress community looked toward a busy spring. The roadmap for WordPress 6.0 was set, promising further enhancements to the Full Site Editing experience.
The announcements of several upcoming in-person WordCamps, including WordCamp Europe in Porto, Portugal, signaled a hopeful return to the large-scale community gatherings that are the heartbeat of the ecosystem.
With ongoing work on projects like plugin dependencies and a constant influx of innovation from the community, the WordPress platform showed no signs of slowing down.