In this week’s WordPress design roundup, we weigh the pros and cons of UX design bootcamps, consider what a recent US Supreme Court decision could mean for web designers, and see why a particular member plugin leaves sites vulnerable to attack. 

UX design bootcamps: good or bad for product managers?

UX design bootcamps have gained popularity for their promise to turn novices into job-ready professionals in just a few weeks. The Google UX Design Professional Certificate on Coursera is a popular and affordable 6-month bootcamp that targets individuals looking to enter the field of UX design. As a product manager, taking on this challenge can enhance skills and provide a competitive edge. However, it is not without its challenges, especially for those lacking prior experience with UI design tools and systems. 

Image source: Product School

According to an article published by product manager Stefanie Warum on Medium, the certificate program requires weekly deliverables in the form of documents, mockups, and prototypes, demanding hard work to achieve visually appealing designs. For product managers looking to expand their skill set and improve their ability to lead cross-functional teams, learning more about UX design can be worth the effort.

U.S. Supreme Court rules for web designers who want to discriminate

In a recent ruling, the Supreme Court has determined that a graphic designer cannot be compelled to create a website promoting a gay wedding, citing First Amendment protections against compelled speech. According to The Verge, the decision, supported by a 6 to 3 vote, was delivered by Justice Neil Gorsuch in the case of 303 Creative v. Elenis. Gorsuch argued that forcing the designer, Lorie Smith, to create content that goes against her beliefs would set a dangerous precedent and infringe upon freedom of speech. The dissenting opinion, delivered by Justice Sonia Sotomayor, disagreed with the idea that the case is about speech and instead viewed it as an act of discrimination. 

Image source: Getty Images Signature

This ruling raises questions about the intersection between freedom of speech and online moderation as conservative lawmakers in several states are attempting to ban certain types of content moderation on social media platforms. These bans would require website designers to create designs speaking messages they disagree with, potentially leading to further legal conflicts in the future.

A common WordPress plugin grants hackers ‘ultimate’ admin access

A critical vulnerability in the Ultimate Member plugin for WordPress has put thousands of sites at risk. TechRadar reported the vulnerability, tracked as CVE-2023-3460, allows unauthenticated attackers to register as administrators and take control of the website. Versions 2.6.4, 2.6.5, and 2.6.6 attempted to fix the issue, but users were still vulnerable. Wordfence advised users to uninstall the plugin until a fix was released and offered a firewall rule for protection. 

Image source: Wordfence

The plugin’s support team confirmed that version 2.6.7 had been released as a fix. The changelog states that the update addresses a privilege escalation vulnerability used through UM Forms, which allowed strangers to create administrator-level WordPress users. Users are urged to update to version 2.6.7 and check their site for any compromised admin-level users.

We hope you found this read enjoyable and informative. If so, we encourage you to explore other editions of our weekly WordPress design roundup. Each edition features the latest trends, tips, and inspiration for designing a stunning WordPress website. Happy designing!