July 2018 was a month of preparation and momentum. Gutenberg dominated the conversation, security demanded attention, and the ecosystem kept growing in every direction.
From BuddyBoss joining WPBeginner to critical plugin vulnerabilities and a clear shift toward mobile-first design, the WordPress world had plenty to digest. Here is everything that shaped the ecosystem in July.
Mergers, Acquisitions, and Investments
July 2018 was a quiet month on the mergers and acquisitions front. No major deals, investments, or acquisitions were reported across the WordPress ecosystem during the month.
WordPress Core Updates
July centered on security, compliance, and laying the groundwork for one of the most significant editor changes in WordPress history.
- WordPress 4.9.7 (July 5, 2018): Released as a critical security and maintenance update, resolving 18 reported issues including a path traversal vulnerability in the file system and a range of bug fixes improving overall platform reliability.
- Gutenberg Preparations: Development continued toward the upcoming 4.9.8 release, designed to introduce the block editor to a wider audience. A public demo page was made available, giving users and developers their first real look at the new editing experience.
- GDPR Compliance: The core team continued refining privacy tools introduced in earlier releases, helping site owners meet data protection requirements without depending on third-party solutions.
- Servehappy Project: Planning progressed on surfacing direct warnings to administrators still running PHP 5.2, pushing the broader ecosystem toward modern, supported PHP versions and away from outdated server environments.
Other WordPress News
Last month brought a mix of community expansion, platform documentation progress, and early Gutenberg outreach beyond core development.
- Try Gutenberg Callout: Plans were confirmed for WordPress 4.9.8 to introduce a “Try Gutenberg” dashboard prompt, giving everyday users a low-friction way to test the new editor before its full release.
- WordCamp Incubator Program: The Community Team selected Montevideo, Uruguay and Kota Kinabalu, Malaysia as the 2018 incubator cities, extending organized WordPress community support into newer and developing regions.
- Q2 2018 Progress Report: The quarterly update highlighted meaningful advances on HelpHub, the redesigned documentation platform, alongside coordinated outreach to hosting companies preparing their infrastructure and customers for the Gutenberg transition.
- Plugin Compatibility Updates: The WP News and Scrolling Widgets plugin received maintenance updates during July, addressing compatibility issues and bug fixes to keep pace with the evolving core environment.
Security Alerts & Plugin Vulnerabilities
July served up a busy round of security fixes across the web, and if you ran any of the affected software, you needed to act fast.
- Oracle Critical Patch Update: Oracle dropped one of its biggest quarterly patch releases yet, covering hundreds of vulnerabilities across its database and middleware products.
- Android Security Bulletin: Google pushed critical fixes for the Android media framework that could let attackers run malicious code on your device without you doing anything.
- Jenkins Security Advisory: If your team ran Jenkins for CI/CD pipelines, this one hit close to home. Multiple high-risk vulnerabilities were patched in Jenkins plugins, with the biggest risks sitting in plugin management and user access areas.
- CVE-2018-12364 (NPAPI/Flash): If you still had Adobe Flash running in Firefox or Thunderbird, attackers could exploit a CSRF vulnerability to hijack requests in your browser.
Industry Trends and Insights
Past month was defined by one thing above all else. Gutenberg is coming, and the entire WordPress ecosystem is getting ready for it.
- Gutenberg Anticipation: The entire industry is watching WordPress 5.0. Developers are debating backward compatibility, theme developers are rethinking their workflows, and the “Try Gutenberg” callout in 4.9.8 is giving users their first real taste of what is coming.
- Mobile-First Is Now the Baseline: Mobile traffic outpaced desktop for the first time this month. Designing for small screens first is no longer a trend you can ignore. It is how every serious project starts now.
- HTTPS or Get Left Behind: Google is flagging sites without SSL as “Not Secure” right in the browser bar. That one change turned SSL setup from an optional extra into a standard deliverable for every developer and agency.
- WooCommerce Keeps Growing: More small businesses are launching stores on WordPress than ever before. WooCommerce is making that possible with minimal coding required, and its dominance in the eCommerce space is only getting stronger.
- GDPR Refinement Continues: The dust from May’s GDPR rollout has not settled yet. Developers and site owners are still tightening privacy tools baked into core, working to stay compliant without leaning on third-party plugins.
Theme of the Month: Astra
Astra continued to stand out as one of the fastest and most flexible themes in the WordPress ecosystem. Built with performance at its core, it loads in under a second and adds no bloat to your site out of the box.
It works seamlessly with every major page builder including Elementor, Beaver Builder, and Brizy, making it a reliable starting point for agencies and freelancers building client sites at scale. Ready-made starter templates and deep customization options mean you can go from blank canvas to finished site without touching a line of code.
Plugin of the Month: Jetpack
Jetpack remained one of the most widely used plugins in the WordPress ecosystem. Developed by Automattic, it packages security, performance, and marketing tools into a single installation, making it especially useful for site owners who want broad coverage without managing a stack of separate plugins.
Features like downtime monitoring, brute force protection, image CDN, and social sharing keep both small blogs and growing business sites running smoothly and securely.
Agency of the Month: Seahawk Media
Seahawk Media continued building its reputation as a reliable WordPress-specialist agency. The team supports businesses across development, migrations, maintenance, and performance optimization, delivering consistent results for both small businesses and larger clients.
Its focused approach to WordPress and a growing network of hosting partnerships keep it well positioned as demand for professional WordPress services continues to rise.
Host of the Month: Bluehost
Bluehost remained one of the most recommended WordPress hosts, holding its place as an officially recommended host on WordPress.org. Its straightforward setup, one-click WordPress installation, and affordable entry pricing made it a go-to choice for beginners and growing sites alike.
Reliable uptime, built-in security tools, and strong customer support continued to make it a dependable option for site owners launching and scaling on WordPress.
Founder of the Month: Brian Gardner
Brian Gardner is the founder of StudioPress and the creator of the Genesis Framework, one of the most respected theme frameworks in WordPress history. What started as a side project became the foundation hundreds of thousands of developers and agencies built their businesses on.
Genesis got the fundamentals right. Clean code, strong SEO defaults, solid security, and a hook system that made customization predictable. Agencies trusted it, freelancers built service offerings around it, and child theme developers turned it into an ecosystem of its own.
Looking Ahead to August 2018
All eyes are on Gutenberg. August is expected to bring WordPress 4.9.8 and with it the “Try Gutenberg” callout that puts the block editor in front of everyday users for the first time. How the community responds will set the tone for the rest of the year.
Security will stay on the radar as administrators work through July’s round of vulnerabilities and keep their stacks updated. HTTPS adoption is accelerating and that pressure is not letting up anytime soon.
The broader conversation around mobile-first design, GDPR compliance, and WooCommerce growth is only going to get louder heading into the second half of 2018.