WordPress 4.2.1 Released to Patch Comment Exploit Vulnerability

This morning we reported on an XSS vulnerability in WordPress 4.2, 4.1.2, 4.1.1, and 3.9.3, which allows an attacker to compromise a site via its comments. The security team quickly patched the vulnerability and released 4.2.1 within hours of being notified. WordPress’ official statement on the security issue: The WordPress (more…)

Do WordPress.org Themes Need a Changelog?

Over the weekend, Theme Review Team member Jose Castaneda posted a proposal to add change logs to themes hosted on WordPress.org. The discussion has been on the table for years, but renewed interest in change logs is surfacing for the upcoming 4.3 and 4.4 release cycles. Adding changelogs to themes (more…)

Story.am Relaunches, Now 100% Free

Nick Haskins launched Story.am earlier this year as a hosted storytelling platform that offers all the features of Aesop Story Engine. Initially, the platform was only available to paying customers, but this week Haskins announced that Story.am is now available to everyone for free. The platform had not received much (more…)

Why Some Sites Automatically Updated to WordPress 4.1.3

Since WordPress 4.2 was released, some users are questioning why their sites have automatically updated to WordPress 4.1.3. There’s no information about the release on the Make WordPress Core site or the official WordPress news blog. However, this Codex article explains what’s in 4.1.3 and the reason it was released. (more…)

Jetpack 3.5 Introduces Menu Management on WordPress.com

Jetpack 3.5 was released today, coinciding with WordPress 4.2. This release expands the capabilities of Jetpack’s centralized site management to include menus. If you have Jetpack Manage activated, you can now log into WordPress.com to manage menus for any of your sites that have opted in. The benefit of going (more…)

WordPress 4.2 "Powell" is Now Available for Download

WordPress 4.2 “Powell” has arrived and is now ready for download. It is named for Earl Rudolph “Bud” Powell, an American jazz pianist. This release, led by 10up engineer Drew Jaynes, offers a balanced mix of front-facing features that users will enjoy, as well as improvements for developers. Here is (more…)