Yoast SEO 12.1: Snippet preview updated

Yoast SEO 12.1 is out today! It features a couple of changes in order to match the design of Google’s search results pages, this includes those shiny new favicons. In addition to this, we added a number of new filters for our Schema implementation. See what else is new in the latest release of your favorite SEO plugin.

Updating the snippet preview

Google is always testing different iterations of its search results pages. Sometimes a test sticks and ends up as the new default. In Yoast SEO 12.1, we’re adapting our snippet preview to match two of the latest changes: favicon in mobile search and new font sizes in desktop search.

In Yoast SEO 11.5, we added the default favicon Google uses when it can’t detect a correct favicon on your site — or you simply don’t have one. Now, we pick the one you’ve added to WordPress and show it right in the mobile snippet preview, just like Google would. You now have a good sense of how your site will appear in the mobile search results.

The mobile snippet preview now shows how your favicon would appear in the results

Here’s how to add a favicon to your WordPress site in order to get it to show in both search results as well as our mobile snippet preview.

The other new tidbit we have for you is matching Google’s new font sizes for the desktop search results. Google now uses slightly larger letters and we’ve followed suit to make the desktop snippet preview appear exactly right. Go check it out.

New Schema filters

We’ve added a couple of new filters to allow for a more granular control over a site’s Schema output. Julià Mestieri suggested the first one. He made a filter called wpseo_schema_organization_social_profiles to filtering an organization’s social profiles in the schema output. You can use this filter to modify social profiles (sameAs attribute) in the Organization schema object.

Andrew Gillingham suggested two other filters. His wpseo_schema_company_name and wpseo_free_schema_company_logo_idfilters make it possible to filter the company name and company logo from the theme options whenever it hasn’t been set in the Yoast SEO settings. This way, both can still be used by the schema output without having to set it manually.

Last but not least, we added a filter called wpseo_enable_structured_data_blocks that makes it possible to turn off Yoast’s structured data block editor blocks.

Find out all about our structured data implementation and how you can enhance it by reading our Schema documentation.

Other improvements

The WordPress Gutenberg project keeps chugging along nicely, but sometimes stuff changes or breaks. In one of the latest releases, our structured data content blocks hit a little snafu, which we fixed in this release. The styling of the How-to and FAQ blocks is now compatible with latest version of the WordPress blocks editor.

Our latest community additions are a new method suggested by Brady Williams and a bug fix by David Herrera. Brady’s get_robots method retrieves the robot HTML without it being output, while David fixed a bug where the primary term selector would not display HTML entities properly.

As mentioned in the Yoast SEO 12.0 release post, we’re actively working on improving input validation in the plugin, among many other things. We’ve continued that in Yoast SEO 12.1 and improved the validation on the settings page. We’ve also updated the plugin icons to be more consistent.

Update now to Yoast SEO 12.1

That’s it for Yoast SEO 12.1! We’ve updated our snippet preview to the latest changes by Google, including those shiny favicons in the mobile search results. We’ve added new Schema filters, fixed several bugs and rolled out several other enhancements. Go test the new version and update whenever you’re ready!

The post Yoast SEO 12.1: Snippet preview updated appeared first on Yoast.

Gutenberg block editor improvements, and integrating plugins

Today’s WordPress Watch has a strong focus on the Gutenberg block editor. Two different tweets prompted me to focus on what you can do with the editor a bit more. We’ll discuss improvements to the editor, as well as useful plugins that integrate with the block editor, so I hope you enjoy this edition. Don’t forget to check out the bonus links!

Block editor keeps on getting better

This December is the one year anniversary of the merge of the Gutenberg project in WordPress core. If you’re still postponing moving to the block editor, it’s good to know that it keeps getting better. Not just better at certain things it does – like speed and settings – but also when it comes to options and possibilities.

Gutenberg plugin improvements

The improvements to the block editor can be noted in the stand-alone Gutenberg plugin. For those of you who are unaware, the Gutenberg plugin sees continuous improvement, with new releases every other week. You can read up on the kinds of improvements that have been made here.

So, if you want to try the latest and greatest version of the block editor, you can install the Gutenberg plugin in your WordPress site. If you’ve tried it before and it didn’t take, I can guarantee you, you’ll now see a much-improved version of the block editor with the latest version of Gutenberg.

Plugins integrating with the block editor

Over the last couple of months, we’ve seen a lot of powerful improvements committed to the Gutenberg plugin, but, we’ve also seen a lot of plugins integrating with the block editor in extremely interesting ways. I’ve already mentioned several of these plugins in some of my previous WordPress Watch posts. Today, I’d like to highlight two specific plugins that have become part of my favorite block editor enhancements. Namely: Editorskit and Atomic Blocks.

Atomic Blocks

Atomic Blocks is one of those plugins that gradually keeps getting better at what it does. This tweet, for example, demonstrates quite nicely what kind of improvements you can find:

Just have a look at what kind of blocks it makes available in the block editor and what you can do with it.

Editorskit

Editorskit, just like Atomic Blocks, adds an array of interesting blocks to the editor, but it has a slightly different focus. Find out what they are and what they do here. Technically, you could use both plugins side by side. Editorskit also shared an interesting tweet last week demonstrating their progress:

If you’re still putting off switching to the block editor and you haven’t played around with it lately, now’s a good time to try again.

Bonus links

The post Gutenberg block editor improvements, and integrating plugins appeared first on Yoast.

Yoast SEO: don’t just set it and forget it!

Some of the things Yoast SEO does are pure magic. Lots of things are just taken care of after you’ve installed the plugin. You don’t have to do anything about that. Simply installing Yoast SEO will fix a lot of important technical SEO things for you. The content side of SEO, though, is something you should always do yourself. Yoast SEO will help you, but you’ll need to make an effort. So there’s a lot of work in it for you. In this post, I’m going to tell you about the things you need to do yourself, in order to make your SEO strategy successful.

Configure Yoast SEO properly

First of all, you need to configure Yoast SEO correctly. You should be aware that the plugin can’t perform to its full potential if the settings of Yoast SEO aren’t optimal for your specific website. So, make sure that the configuration of Yoast SEO is, in fact, in line with your website. The configuration wizard helps you take care of a lot of these settings.

Keyword research – always

The second thing you need to make sure of is doing your keyword research right. You need to know that you’re focusing on the words that people actually search for. If you’re optimizing for a term nobody uses, you can rank number one, but you still won’t have any traffic. And, if you’re optimizing for a term that’s so competitive that you won’t ever be able to rank for it, then you won’t get any traffic as well.

Doing your keyword research means that you need to get inside the heads of your audience. It also means that you should know your competition and estimate your chances to rank for a certain keyword. Yoast SEO will help you optimize your content for your keywords, but figuring out what the right keywords are, is your job.

Read more: How to choose keywords that’ll attract traffic »

Write awesome content

The third thing you need to do yourself is to write awesome content. And that’s something you have to do manually. Of course, you can outsource this, but it’s something somebody has to do. Yoast SEO actually helps you to write both SEO-friendly, as well as readable texts with the content and SEO analysis. So, make sure you use this feature in order to make your text well-optimized for the search engines. But adding great content is still something you need to do yourself; it won’t happen magically.

Internal linking

Another thing you’ll need to do yourself is to take care of your internal linking structure. This is very important because a proper internal linking structure will make sure that Google understands your website. And, you want Google to understand your website. Otherwise, you will be competing with your own content for a place in the search results.

Yoast SEO (Premium) will help you to do that, with our internal linking feature. But it’s still something you need to be actually doing yourself. Yoast SEO will make suggestions for articles you could link to, but you still have to put them in your article.

Social previews and redirects

Social previews and redirects are features in Yoast SEO that’ll help you improve your SEO. Your effort is needed in order to gain an SEO advantage from these features. Part of your SEO strategy will be a strategy on social media, so Facebook and Twitter. And Yoast SEO can help you make those posts on Facebook, but you still have to hit that button and write the content. Same goes for the redirects. If a page is outdated, you want to redirect it to another page. But it won’t happen just magically; you have to create those redirects yourself.

Don’t forget your competition

Even if they’ve done all the things I talked about, some people are unable to rank for a specific term. Why is that? Well, I think a lot of it has to do with competition. Some search terms are so competitive and dominated by high-authority brands that it’s terribly hard for a starting out blog to rank between them. If you want to rank for ‘holiday home Florida’ and you’re just starting out as a blog, you’re probably not going to rank right away. You need to have a whole strategy, in which you focus on long-tail search terms first. So, part of why you’re not ranking has to do with the competition.

On top of that, SEO sometimes takes a long time. Don’t despair if you’re not ranking overnight. It can take a little while before you start ranking for specific search terms. It’s a process that requires a strategy, and it takes some time before you see the results.

Conclusion

SEO is a lot of work. Yoast SEO takes care of most of the technical SEO stuff. The content side of SEO is a different story, though. You’ll need to make an effort to set up a successful content SEO strategy. There are a lot of things you should work on, in which Yoast SEO can actually help you and take you by the hand. And don’t forget: whether or not you rank for specific terms also depends on your competition in your specific niche. 

Keep reading: What does Yoast SEO do? »

The post Yoast SEO: don’t just set it and forget it! appeared first on Yoast.

How to change your favicon in WordPress: a step-by-step guide

Have you seen that icon in the search results in front of your website’s URL? It’s visible for most people in mobile results now. So, no excuses, your site needs a good favicon. Luckily, setting a favicon in WordPress is very easy. Here we’ll explain how to change the favicon of your WordPress site!

Yoast’s favicon shows when you search for our brand on mobile.

We’ve been writing about favicons for years. This article about favicons and branding will tell you what you need to think about in that regard. Read it, and make sure your favicon is good and stands out.

Spoiler alert! Next week, when Yoast SEO 12.1 is out, you’ll be able to see your favicon in Yoast SEO’s mobile snippet preview too, so stay tuned for our next release!

Now let’s give you a simple step-by-step guide on how to change your favicon in WordPress:

Time needed: 5 minutes.

The favicon is called a site icon in WordPress and can be added in the customize theme section.

  1. Log in to your WordPress website.

    When you’re logged in, you’ll be in your ‘Dashboard’:WordPress Dashboard

  2. Click on ‘Appearance’.

    On the left-hand side, you’ll see a menu. In that menu, click on ‘Appearance’.appearance in wordpress

  3. Click on ‘Customize’.

    The ‘Appearance’ settings will expand providing you additional options. Click on ‘Customize’.customize in WordPress

  4. Click on ‘Site Identity’.

    Here you can define your site name, tagline, logo, and icon. The image you set under “Site Icon” will be used as your site’s favicon:

That was easy, wasn’t it? So, no more excuses, get to it. Change that favicon on your WordPress site!

Read more: Favicons and your online brand »

The post How to change your favicon in WordPress: a step-by-step guide appeared first on Yoast.

What is user testing and why should you use it?

Watching your (potential) clients use your website or use your products can give you plenty of new insights. Seeing how they navigate, search or click your site can give you information you wouldn’t get out of just analyzing your data. And, as you know your product inside out, you might have developed some blind spots. Are you ready to discover your blind spots? Start user testing!

Getting to know your audience is essential if you want to be successful in marketing and SEO. That’s why we regularly write about methods to learn more about your customers, users or readers. This is the fourth post in our user research series, you might want to check out our posts about top task surveys, exit surveys, and panel research too!

What is user testing?

User testing is a type of user research in which respondents don’t just give you answers to your questions. Your respondents will actually work with your website or products. This way, you can see what works well and what doesn’t.

When you get people to actually use your website, you’ll probably get some new insights you would’ve never thought of without the user testing because of your own blind spots. Imagine you have an online shop and you sell clothing. You saw in the analytics that the percentage of visitors adding a product to the cart is quite low, but you have no idea why. When you choose test persons who don’t know your website, you can see how your site is used. Maybe a test user can’t find the ‘add-to-cart’-button or there might be a lack of product information, which prevents users from adding the products to the cart, you’ll see them searching for more information which simply isn’t there. Then you’ll already know, there is some work to do!

Besides website testing, you can, of course, make people test your actual products as well. Whether you have physical products or you’re selling software, it doesn’t really matter: there is always a way to make people test your products!

Why and when?

It’s incredibly valuable to get user testing insights next to the data you already get from your analytics. Some outcomes might be very obvious and easy to change, others are more complicated and need some thinking, designing and/or developing. 

This is why it’s valuable to add user testing to your process at an early stage. For example, when you’re designing a new website or a product, you could create a staging website to test with. If you have a new product coming out, you could create a prototype to test with. You might understand that it’s much easier to change something to your design when it’s not completely developed and live on the market yet. 

However, user testing can be performed in all stages of your process. When you did some user testing a couple of years ago, it might be valuable to do this again. Technologies change a lot and so do users. A new generation might use your website/product differently compared to your users a couple of years ago. 

The last reason why you should do user testing next to sending surveys is that you’ll know for sure the results are ‘real’. With surveys, there is always a chance users fill out wrong answers because they overestimate themselves or because they want to fit in a specific answer although they probably don’t. With user testing, there is no chance to cheat!

Types of user testing

There are a couple of user testing tactics you can choose from. We’ll sum them up below:

Live user testing with a moderator 

When you perform a live user test, your testers, and a moderator actually come together at a place you choose at forehand. The place can differ, depending on the type of user test you will do. When you’re testing a website or a software-related product, you might choose a quiet office. However, when your tester should test an actual product other places might be more suitable. You might agree that testing a bike, the office isn’t the best spot to choose.

Remote user testing with a moderator

The tester will not be at the same place as the moderator. They are in contact with a video call. The tester will follow your instructions and test your website or product and the moderator can watch along. This way, it’s easy to find testers because they don’t have to travel a long distance to actually meet you. But, with a moderator, you still have the chance to ask additional questions or to correct the tester when it seems necessary.

Remote user testing without a moderator

The testers will receive your instructions and will test in their own time, without someone watching along and helping/correcting them. The advantage is that you can make a lot of people test your website or product in a short period of time, which is good for the representativeness of your research. However, it will take a lot of time to view the recordings of all tests and to set up your report. We recommend using this tactic for small things or small changes to your product to keep it clear and to keep an overview. 

Getting started

So, when you’ve decided what you want to test, when you want to start user testing and what tactic you want to make use of it’s time to start. 

  1. Create a plan of action

    Create a document in which you enumerate the goals of your user tests. Thinking of what you want to achieve at forehand will help you pick the right testers and to set up your test scenario.

  2. Create a user testing script

    Create testing scenarios which your testers will have to follow during testing. What questions need to be answered? What path do you want them to follow? What parts shouldn’t be missed? Make sure you get all the insights you’ll need for improvement.

  3. Decide what testers you’ll need

    Decide how many testers you want, what tactic you want to use and what type of testers you want. Think of gender, age, level of expertise etc. It can be valuable to recruit a diverse set of testers. Keep in mind that it’s also possible to use different user testing tactics at the same time.

  4. Create the first planning

    Decide when the tests need to take place and create a first planning.

  5. Recruit testers

    Start recruiting testers. Make use of email, social media, direct contact, use your creativity in here! An incentive can help when not enough people are responding to your call for testers.

  6. Create the final planning

    Set up the final planning. When you have recruited enough testers, you can create your final planning for the testing phase and for the reporting phase afterwards.

  7. User testing phase!

    Actual user testing. Make sure you record all user tests so you can watch everything back when reporting all findings and outcomes. It’s easy to forget things during all the user tests.

  8. Create the final report

    Create the final report with all the results. Report all important findings and report the level of representativeness for your group. A bigger group will be more representative compared to a small group of testers. 

  9. Need for additional research?

    Decide whether you’ll need to do additional research to increase the representativeness of your research. With the outcomes of the user tests, it might be easy to set up a survey for a bigger group of respondents. 

  10. Share results & implement improvements

    Share the results within your company or team. Others might have a valuable opinion on how to fix/improve things as well. After that, implement all the improvements you need to make! Some might be obvious and easy to implement, others need to roll in your design/developing process before they can be implemented.

Have you ever done some user testing? Or will you, after reading this post? Let us know in the comments below!

Read more: Panel research for your business: Benefits and tips »

The post What is user testing and why should you use it? appeared first on Yoast.

Content areas in Gutenberg, Twenty Twenty update and Elementor integration

It’s Monday, time for a fresh WordPress Watch. We’ve got more news on Twenty Twenty in WordPress 5.3 and there’s an update on what’s going to be the next big focus of the Gutenberg project. There’s also exciting news about the integration of two different solutions. Let’s get to it!

Twenty Twenty!

Last week it was announced that Andres Norén would lead the charge for introducing Twenty Twenty in WordPress 5.3. Andres explains the direction under which Twenty Twenty will be created with the following words:

The Block Editor will soon celebrate its first birthday in Core and with every update it grows more capable. The promise of the block editor is to give users the freedom to design and structure their sites as they see fit. The responsibility of a theme is to empower users to create their inspired vision by making the end result look as good, and work as well, as the user intended.

Twenty Twenty is designed with flexibility at its core. If you want to use it for an organization or a business, you can combine columns, groups, and media with wide and full alignments to create dynamic layouts to show off your services or products. If you want to use it for a traditional blog, the centered content column makes it perfect for that as well. 

Andres Norén

An example of what a blog post in Twenty Twenty will look like was also shared:

Single blog post in Twenty Ten. More examples here.

Content Areas are the next big thing in Gutenberg

The Gutenberg project and the accompanying plugin has had its biggest focus on the content editor itself. Up until now. Matias Ventura posted a thorough update on what is going to be the next big focus: content areas. In Matias’ own words:

Content areas represent parts of a site where blocks can be added and manipulated. Since content has a very specific meaning in WordPress already, we can also refer to these as block areas more generally to avoid opaqueness. Block areas would include headers, footers, sidebars, and any other meaningful template part outside of the post content that contains blocks.

Matias Ventura

The rest of the post, and it includes a video and code examples, is an interesting read into the future of where the Gutenberg project is going and how much of a page builder Gutenberg will actually turn into. Spoiler alert: a lot.

LifterLMS meets Elementor

It’s always nice to see deep integrations between two different solutions that instantly make both products better. LifterLMS, one of the most versatile online course and membership software solutions out there, can finally be integrated with Elementor properly.

The folks over at Tangible Plugins built a plugin that bridges both solutions perfectly into one deep integrated solution. Definitely worth checking out if you’re using Elementor!

Smooth integrations with Gutenberg

Came across a tweet from Rich Tabor, creator of the wonderful CoBlocks plugin that highlights a new feature available in the latest Gutenberg plugin. I could write out what it does, but I Rich has included a GIF in his tweet that explains it way better than I could ever put it into words:

Bonus links

The post Content areas in Gutenberg, Twenty Twenty update and Elementor integration appeared first on Yoast.

People of WordPress: Abdullah Ramzan

You’ve probably heard that WordPress is open-source software, and may know that it’s created and run by volunteers. WordPress enthusiasts share many examples of how WordPress changed people’s lives for the better. This monthly series shares some of those lesser-known, amazing stories.

Meet Abdullah Ramzan, from Lahore, Punjab, Pakistan.

Abdullah Ramzan was born and brought up in the under-developed city of ​Layyah​, which is situated in Southern Punjab, Pakistan and surrounded by desert and the river ​Sindh​.

He graduated from college in his home town and started using a computer in ​2010​ when he joined ​Government College University Faisalabad​. Abdullah’s introduction to WordPress happened while he was finishing the last semester of his degree. His final project was based in WordPress.

Ramzan’s late mother was the real hero in his life, helping him with his Kindergarten homework and seeing him off to school every day. 

Before her heart surgery, Ramzan visited her in the hospital ICU, where she hugged him and said: ​“Don’t worry, everything will be good.” Sadly, his mother died during her surgery. However, her influence on Ramzan’s life continues.

Start of Ramzan’s Career:

After graduation, Ramzan struggled to get his first job. He first joined PressTigers as a Software Engineer and met Khawaja Fahad Shakeel, his first mentor. Shakeel provided Ramzan with endless support. Something had always felt missing in his life, but he felt like he was on the right track for the first time in his life when he joined the WordPress community. 

Community – WordCamps and Meetups:

Although Ramzan had used WordPress since ​2015​, attending WordPress meetups and open source contributions turned out to be a game-changer for him. He learned a lot from the WordPress community and platform, and developed strong relationships with several individuals. One of them is Nidhi Jain​ from Udaipur India who he works with on WordPress development. The second is Jonathan Desrosiers​ who he continues to learn a lot from.

In addition, Usman Khalid, the lead organizer of WC Karachi, mentored Ramzan, helping him to develop his community skills. 

With the mentorship of these contributors, Ramzan is confident supporting local WordPress groups and helped to organize ​WordCamp Karachi​, where he spoke for the first time at an international level event. He believes that WordPress has contributed much to his personal identity. 

Abdullah Ramzan at WordCamp Karachi 2018

WordPress and the Future:

As a ​co-organizer of WordPress Meetup Lahore,​ he would love to involve more people in the community leadership team, to provide a platform for people to gather under one roof, to learn and share something with each other.

But he has loftier ambitions. Impressed by Walk to WordCamp Europe, Abdullah is seriously considering walking to WordCamp Asia. He also one day hopes for the opportunity to serve his country as a senator of Pakistan and intends to enter the next senate election.

Words of Encouragement

Abdullah Ramzan knows there is no shortcut to success. “You have to work hard to achieve your goals,” explained Ramzan. He still has much he wishes to accomplish and hopes to be remembered for his impact on the project.

Abdullah believes WordPress can never die as long as people don’t stop innovating to meet new demands. The beauty of WordPress is that it is made for everyone.

Ramzan encouraged, “If you seriously want to do something for yourself, do something for others first. Go for open source, you’ll surely learn how to code. You’ll learn how to work in a team. Join local meetups, meet with the folks: help them, learn from them, and share ideas.”


This post is based on an article originally published on HeroPress.com, a community initiative created by Topher DeRosia. HeroPress highlights people in the WordPress community who have overcome barriers and whose stories would otherwise go unheard.

Meet more WordPress community members over at HeroPress.com!

Celebrating the WordPress community: the Yoast Care fund

WordPress is wonderful! It is a wonderful CMS and with it comes a wonderful community. At Yoast, we’re definitely WordPress fanboys and fangirls. We’re fans of the CMS, fans of the community and fans of all those kickass volunteers. That’s why we’ve decided to introduce a new fund: the Yoast Care fund. Care stands for The Community Appreciation REwards. As of today, we want to celebrate those awesome volunteers with Yoast Care!

What is Yoast Care?

The Yoast Care fund contains money. You can nominate a person who is active in the WordPress community as a volunteer, and if we reward a person with a Yoast Care, they will receive $500. Besides that, we’ll do an interview, which we’ll publish on Yoast.com. In this interview, we want to tell the world about the awesome work someone has been doing as a WordPress volunteer.

Why Yoast Care?

A lot of people at Yoast do work for WordPress and we’re able to pay for most of their time. They do awesome work but also get compensated for it. However, a lot of the people in the WordPress Community are freelancers. And, they don’t have a company that pays the hours they put into our ecosystem. They don’t get compensated for their time or energy at all. 

We get it: it’s a lot easier to contribute to WordPress if you get paid for it. But, it’s impossible for Yoast to hire all those volunteers. That wouldn’t be healthy for our business. And, more importantly, those independent volunteers are of tremendous value. Those freelancers, their independent voices: that’s important for the WordPress ecosystem, that’s something we cherish (even though we might disagree with them sometimes ;-)).  

We’ve noticed that quite some people in the WordPress community don’t feel appreciated. And, let’s face it: it’s hard to show appreciation to one another in a community that’s scattered around the world. But we should make an effort to do so. We should celebrate each other and each other’s accomplishments a bit more often. We’ve been talking about these things a lot at Yoast and decided to set some money aside to get the Yoast Care started.  

What to do?

Do you know somebody who does amazing work in WordPress? Someone, a volunteer, who deserves a bit of recognition? Don’t hesitate to nominate that person!

We’re going to give away Yoast Cares to people that are nominated for it by someone else. You’ll have to fill out our form and explain why this person deserves a Care. Read more about it on our application page.

We’ve set aside $25.000 a year to spend on Yoast Cares. So, we’re really looking forward to receiving those first applications! To whom should we give our very first Yoast Care? Please let us know!

More information?

Do you want to know more about how to nominate someone or what our specific conditions are? Read all about it on our application page! And, while you’re at it: don’t forget to read about our diversity fund

The post Celebrating the WordPress community: the Yoast Care fund appeared first on Yoast.

WordPress 5.2.3 Security and Maintenance Release

WordPress 5.2.3 is now available!

This security and maintenance release features 29 fixes and enhancements. Plus, it adds a number of security fixes—see the list below.

These bugs affect WordPress versions 5.2.2 and earlier; version 5.2.3 fixes them, so you’ll want to upgrade.

If you haven’t yet updated to 5.2, there are also updated versions of 5.0 and earlier that fix the bugs for you.

Security Updates

  • Props to Simon Scannell of RIPS Technologies for finding and disclosing two issues. The first, a cross-site scripting (XSS) vulnerability found in post previews by contributors. The second was a cross-site scripting vulnerability in stored comments. 
  • Props to Tim Coen for disclosing an issue where validation and sanitization of a URL could lead to an open redirect. 
  • Props to Anshul Jain for disclosing reflected cross-site scripting during media uploads.
  • Props to Zhouyuan Yang of Fortinet’s FortiGuard Labs who disclosed a vulnerability for cross-site scripting (XSS) in shortcode previews.
  • Props to Ian Dunn of the Core Security Team for finding and disclosing a case where reflected cross-site scripting could be found in the dashboard.
  • Props to Soroush Dalili (@irsdl) from NCC Group for disclosing an issue with URL sanitization that can lead to cross-site scripting (XSS) attacks.
  • In addition to the above changes, we are also updating jQuery on older versions of WordPress. This change was added in 5.2.1 and is now being brought to older versions. 

You can browse the full list of changes on Trac.

For more info, browse the full list of changes on Trac or check out the Version 5.2.3 documentation page.

WordPress 5.2.3 is a short-cycle maintenance release. The next major release will be version 5.3.

You can download WordPress 5.2.3 from the button at the top of this page, or visit your Dashboard → Updates and click Update Now.

If you have sites that support automatic background updates, they’ve already started the update process.

Thanks and props!

This release brings together contributions from more than 62 other people. Thank you to everyone who made this release possible!

Adam SilversteinAlex ConchaAlex GollerAndrea FerciaAndrew DuthieAndrew OzzAndy Fragen, Ashish ShuklaAslam Shekhbackermann1978Catalin DogaruChetan PrajapatiChris ApreaChristoph Herrdan@micamedia.comDaniel LlewellyndonmhicoElla van DurpeepiquerasFencer04flaviozavanGarrett HyderGary Pendergastgqevu6bsizHardik ThakkarIan BelangerIan DunnJake SpurlockJb AudrasJeffrey PauljikamensJohn BlackbournJonathan Desrosiers, Jorge Costa, karlgrovesKjell ReigstadlaurelfulfordMaje Media LLCMartin SpatovaliyskiMary BaumMonika RaoMukesh Panchalnayana123Ned ZimmermanNick Daugherty, Nilambar SharmanmenescardiPaul Vincent BeigangPedro MendonçaPeter WilsonSergey BiryukovSergey PredvoditelevSharaz ShahidStanimir StoyanovStefano MinoiaTammie ListertellthemachinestmatsuurVaishali PanchalvortfuWill West, and yarnboy.

Yoast SEO 12.0: UX improvements and new Portuguese checks

Contrary to what the version number might suggest, Yoast SEO 12.0 isn’t a huge release. It’s simply the next release in our current release schedule, but after hitting 11.9 a couple of weeks ago we had no choice but to go for 12.0. That’s how it goes! But don’t worry, there’s enough interesting stuff in this release, including two new checks for the Portuguese language.

Continuing UX improvements

Over the past couple of release, we’ve been steadily improving the way we handle validation. In the past, it wasn’t always clear if the stuff you input in fields was formatted the way it should. There wasn’t too much feedback from the plugin. We’re now actively improving this and looking at each field to see what should go in there. So if something should be a URL, we now verify that what you enter is really formatted as a URL. No longer can you add gibberish in the fields!

In the same vain, we are now updating the document title in the settings whenever we find something wrong with a form. The W3C suggests this technique as a way of improving the accessibility of a page. One of the first things a screen reader encounters on a page is the <title>, so now it can read that to find errors on a page. It can now read these out loud to notify the user. Great, right?

We’ve also improved the wording in several places to make it more clear what something means. For instance, Emily Leffler Schulman suggested to improve the feedback the plugin shows when you haven’t set a focus keyphrase for a post. It used to show a grey Yoast icon with the not very helpful line: SEO: Not available. We’ve changed that to Focus Keyphrase not set. Much more helpful. Don’t forget people: set your focus keyphrase.

The last UX change we’d like to highlight is limiting the width of the meta box. This change, suggested by Louise Ann Apostol, makes sure that the meta box doesn’t overstretch on very large screens.

Portuguese language SEO improvements

As you know, most of our content checks work for every language out there. But some parts of our readability checks are tailored for different languages as not every language is interchangable. We currently support a whole slew of languages in some form or another. We have listed the languages and the features each language supports.

In Yoast SEO 12.0, thanks to Dilmar Ames, we’ve enhanced our support for the Portuguese language. We now support two new checks for Portuguese:

  • Consecutive sentences check: this is the assessment that checks whether multiple sentences in a row begin with the same word;
  • Sentence length check: this assessment checks the length of your sentences to warn you if you use too many long sentences.

We are hard at work adding new languages and improving the ones we already support. Don’t see your language yet? Hang tight, we might get there soon.

Update now to Yoast SEO 12.0

While Yoast SEO 12.0 is not the huge release you might expect if you see that version number, it’s a nice release with quite a few improvements. Please update to the latest version when you are ready.

Thanks for using Yoast SEO!

The post Yoast SEO 12.0: UX improvements and new Portuguese checks appeared first on Yoast.