WordPress 4.2.3, a critical security release, was automatically pushed out to users yesterday to fix an XSS vulnerability. Shortly afterwards, the WordPress.org support forums were flooded with reports of websites broken by the update. Roughly eight hours later Robert Chapin (@miqrogroove) published a post to the Make.WordPress.org/Core blog, detailing changes to the Shortcode API that…
WordPress users in the Americas woke this morning to find update notices in their inboxes due to a critical security vulnerability. WordPress 4.2.3 was released today and automatically pushed out to sites that have auto-updates enabled. Because this is a security release for all previous versions of WordPress, those who do not have automatic update…
WordPress has a whitelist of 31 trusted sites from which users can oEmbed content, but one source is noticeably missing – WordPress itself. During this week’s feature plugin chat, Pascal Birchler and a group of contributors proposed the idea of oEmbed for WordPress Posts: Basically, we want to make WordPress an oEmbed provider. Users should…
WordPress 4.3 beta 3 was released this week right on schedule, and beta 4 is expected to arrive next Wednesday. This release includes more than 140 fixes and improvements since last week’s beta. One of the most important changes you’ll notice is that the Site Icon feature is now available in the customizer in addition…
WordPress REST API project lead Ryan McCue, in cooperation with Automattic’s Engineering team, released a REST API Console plugin on WordPress.org today. It’s a basic console that fits right into the WordPress admin and allows you to explore the API, make small changes, and find out what your site is exposing. “This is a forked…
WordPress.org will soon support translations and language packs for themes hosted in the official directory. In Matt Mullenweg’s Q&A at WordCamp Europe 2015, he emphasized the importance of having better language support for themes and plugins and identified this as a high priority for continued improvements to WordPress.org. Today the WordPress meta team announced that…
Earlier this month, Tom McFarlin published a great post where he shares his perspective on the WordPress community. His post struck a nerve and instead of discussing it through comments, I invited him to a Google Hangout to have a candid conversation. Within the conversation, McFarlin and I discuss a number of topics, including: Community…
Post Formats is a feature introduced in WordPress 3.1 that enables themes to visually differentiate between types of content. A metabox with radio buttons was added in WordPress 3.6 to expose the feature to users and allow them to easily select a format. Since WordPress 3.6 was released, there has been little effort to improve…
WordPress 4.3 beta 1 was put into the hands of testers last week. Those who have been following 4.3 developments are already familiar with the major features headlining this release, ie. the new site icons, menu management in the customizer, and more secure passwords. However, there are also a couple lesser-known improvements that will have…
PHP 4 style constructors are being deprecated in WordPress 4.3 to ease the transition to support PHP 7. According to Aaron Jorbin, on the Make WordPress Core blog post, WordPress r32990 introduces a change so that all classes use the PHP 5 style constructors, while still retaining the PHP 4 style constructors for backwards compatibility. A…
The video of Matt Mullenweg’s Q&A session at WordCamp Europe is now published on WordPress.tv. For those who were unable to attend, this session provides a glimpse into what WordPress’ co-founder sees for the future of the software and the community. One of the most exciting parts of the video is where Mullenweg talks about…
WordPress 4.3 is right around the corner with beta 1 released and ready for testing. According to the 4.3 project schedule, there will be no more commits for new enhancements or feature requests from this point on. Contributors are now focusing on bug fixes and documentation ahead of August 18th, the target release date. With…
WordPress 4.3 is on track to include a new site icons feature, which will allow administrators to easily upload an image to be used as the favicon and app icons for a site. Favicons have traditionally been handled by WordPress themes or plugins, but the new core support means that users no longer have to…
WordPress 4.3 will introduce menu management via the customizer, providing live previews on the frontend for adding, deleting, and ordering menu items. Although users still have the option to manage menus using the admin interface, developers who are not keen on the feature are searching for an easy way to disable the customizer and remove…
While on stage at WordCamp Europe answering a question related to WordPress’ security track record, Matt Mullenweg named Nikolay Bachiyski as the first Security Czar for the WordPress project. https://twitter.com/redcrew/status/614414379380011009 Bachiyski is employed by Automattic and has been a member of the WordPress community for more than 10 years. Over that time period, he’s established…