WordPress Update: WordPress 4.2.2 Available

WordPress 4.2.2 is now available and should be applied to all your sites as soon as possible as it addresses two security issues, includes hardening for a potential cross-site scripting vulnerability when using the visual editor, and contains 13 bug fixes from 4.2.

You can read more about the update: https://wordpress.org/news/2015/05/wordpress-4-2-2/

You can download WordPress 4.2.2: http://wordpress.org/wordpress-4.2.2.zip

WordPress Update: WordPress 4.2.1

WordPress 4.2.1 is now available and should be applied to all your sites as soon as possible as it contains a critical security update.

You can read more about the update: https://wordpress.org/news/2015/04/wordpress-4-2-1/

You can download WordPress 4.2.1: http://wordpress.org/wordpress-4.2.1.zip

WordPress Update: WordPress 4.2 Now Available

WordPress 4.2 is now available with all sorts of great features including:

  • An easier way to share content
  • Extended character support (including emoji) 😉
  • More embeds (tumblr and Kickstarter)
  • Streamlined plugin updates
  • For developers…Complex query ordering, utf8mb4 support, shared term splitting, and javaScript accessibility (send audible notifications to screen readers)

You can read more about the update: https://wordpress.org/news/2015/04/powell/

You can download WordPress 4.2: http://wordpress.org/wordpress-4.2.zip

WordPress Update: WordPress 4.1.2 Now Available

WordPress version 4.1.2 is now available to download and contains changes to address the following serious security issues:

  • A serious critical cross-site scripting vulnerability, which could enable anonymous users to compromise a site.
  • Files with invalid or unsafe names could be upload.
  • Some plugins are vulnerable to an SQL injection attack.
  • A very limited cross-site scripting vulnerability could be used as part of a social engineering attack.
  • Four hardening changes, including better validation of post titles within the Dashboard.

You can read more about the update: https://core.trac.wordpress.org/log/branches/4.1?rev=32234&stop_rev=32144

You can download WordPress 4.1.2: http://wordpress.org/wordpress-4.1.2.zip

No Excuses! Keeping WordPress Up to Date is Easy

Every once and awhile I will see an older version of WordPress when working on something for a client. Yesterday I saw a super blast from the past: WordPress 3.04. This prompted me to do a service announcement: keeping WordPress up to date is easy. Fixing a hacked version of WordPress can be complex.

Let’s break it down:
Keeping WordPress up to date is easy.

  • Easiest: automatic background updates (WordPress 3.7+)
  • Easy: One-click update (WordPress 2.7+)
  • Manual (still pretty easy – but not everyone is comfortable with FTP)

Documentation on updating WordPress: http://codex.wordpress.org/Updating_WordPress

Fixing a hacked version of WordPress can be complex.

  • Google can/will blacklist your site with Google Blacklist
  • Simple updates take moments, having someone find the source of the hack, fixing it, and cleaning up can take hours.
  • Did you really have a good backup? Whoops.
  • All passwords, secrets will need to be changed
  • Hacks can insert spam into your content. No one wants content spam
  • You will need to scan your site for malware to make sure everything is removed so it does not happen again right away

Documentation on what to do if your WordPress site has been hacked: http://codex.wordpress.org/FAQ_My_site_was_hacked

In the end:
You are going to have to update to the latest version of WordPress anyways. You have options (automatic, one click, manual) – not excuses.

WordPress Update: WordPress 4.1.1 Now Available

WordPress version 4.1.1 is now available to download and contains 21 bug fixes from 4.1. If you have not updated (or are not set up for automatic background updates) – take some time to backup your site and update.

You can read more about the update: http://wordpress.org/wordpress-4.1.1.zip

WordPress Update: WordPress 4.1 Now Available

Happy holidays! WordPress version 4.1 is now available and offers a lot of nice improvements both on the front and back end.

For content publishers – the “Distraction-free writing” option makes authoring great content easier/less distracting.


Users now also have the option to “Log out everywhere” so if you are on a shared computer and forgot to sign out – you can go to your profile and choose “log out everywhere


WordPress 4.1 also offers introduces a new theme called “Twenty Fifteen” which is a beautiful responsive theme.

On the backend – developers now are able to easily work with more complex meta, date, and term queries, have a number of new options in the “Customizer API”, and have better control over the title tag with themes.

You can read more about the update: https://core.trac.wordpress.org/log/branches/4.1?stop_rev=30798&rev=30974

You can download WordPress 4.1: http://wordpress.org/wordpress-4.1.zip

WordPress Site Management with JetPack


With the recent update of the JetPack plugin – a new feature called “Site Management” has been added.

If you run multiple WordPress sites – the chances are – you are using the same plugins on multiple sites. If you would like to streamline plugin updates – you can now easily do so with the new “Site Management” option in JetPack.

How does this work?

  1. Update to JetPack 3.3 and enable the new feature by clicking “Activate Now” in the JetPack banner (seen above)
  2. Log in to http://wordpress.com/sites to view the sites you have registered, add more if needed.
  3. Choose the site you want to configure for plugin updates and see all plugins listed. Select each plugin to configure it (perhaps some plugins you will always want to update automatically, but others not). There are two options – Active and Autoupdates. (Active = plugin active vs. inactive) Autoupdate (auto update this plugin vs do not auto update the plugin)

While this makes managing plugin updates easier – make sure you consider quality assurance testing. Auto updates or mass updating plugins makes updating easy – but the need for quality assurance testing is still needed and should not be overlooked. Whether you have unit tests or do testing with user scripts – remember to still plan for time/effort after the updates.

Thanks to JetPack for taking this on. I look forward to playing around with this.

WordPress Update: WordPress 4.0.1 Now Available

wordpress-logo-notext-rgbWordPress version 4.0.1 is now available for download. This latest version of WordPress is an important security update. If your site supports automatic background updates, your site should already by up to date – or will be within the next few hours. This security update is considered critical – as there are multiple cross-site scripting issues as well as 23 bug fixes in the update. Please take a few minutes to back up your site and apply this update now.

You can read more about the update: https://wordpress.org/news/2014/11/wordpress-4-0-1/

You can download WordPress 4.0.1: http://wordpress.org/wordpress-4.0.1.zip

WordPress Update: WordPress 4.0 Available

wordpress-logo-notext-rgbWordPress version 4.0 is now available for download. This latest version of WordPress is full of user interface improvements that will make working with WordPress feel smoother and more refined. If you have not updated your site yet, be sure to create a backup, and then update so you can experience the improvements of 4.0

A few highlights:

  • Improved media preview
  • Embed videos, playlists by simply adding in a URL (list of all embeds supported)
  • Improved editor for all screen sizes
  • Improved plugin search and installer view
  • Language chooser (on install)
  • More powerful ORDER BY when using WP_QUERY

You can read more about the update: http://wordpress.org/news/2014/09/benny/

You can download WordPress 4.0: http://wordpress.org/wordpress-4.0.zip