WordPress

WordPress 4.2.1 Released to Patch Comment Exploit Vulnerability

This morning we reported on an XSS vulnerability in WordPress 4.2, 4.1.2, 4.1.1, and 3.9.3, which allows an attacker to compromise a site via its comments. The security team quickly patched the vulnerability and released 4.2.1 within hours of being notified. WordPress’ official statement on the security issue: The WordPress (more…)

Why Some Sites Automatically Updated to WordPress 4.1.3

Since WordPress 4.2 was released, some users are questioning why their sites have automatically updated to WordPress 4.1.3. There’s no information about the release on the Make WordPress Core site or the official WordPress news blog. However, this Codex article explains what’s in 4.1.3 and the reason it was released. (more…)

WordPress 4.2 "Powell" is Now Available for Download

WordPress 4.2 “Powell” has arrived and is now ready for download. It is named for Earl Rudolph “Bud” Powell, an American jazz pianist. This release, led by 10up engineer Drew Jaynes, offers a balanced mix of front-facing features that users will enjoy, as well as improvements for developers. Here is (more…)

Confessions of a WordPress Trac Ticket Lobbyist

This post was contributed by Robert Dall. Studying web design in college, he stumbled upon WordPress.com early in his career. Dall made the natural progression from WordPress.com to the self-hosted version of WordPress. Since then, he’s worked almost exclusively with WordPress using it as a blog, CMS, portfolio, and e-commerce. He’s (more…)