WordPress 4.3 is now available for download.
For WordPress Users
This update includes a number of improvements in the admin area (menu customizer, formatting shortcuts, site icons), automatically generated secure passwords for new users, comments turned off by default for pages, and other great changes which will make working with WordPress on all your devices easier and more enjoyable.
For WordPress Developers
There are some noticeable changes with this new version as well including a new page template (singular.php), multisite changes, list table changes, and other customizer enhancements.
You can read more about the update: http://wordpress.org/wordpress-4.3.zip
WordPress 4.2.4 is now available and should be applied to all your sites as soon as possible as it addresses six issues, including three cross-site scripting vulnerabilities and a potential SQL injection that could be used to compromise a site. For more information, see the release notes or view the list of changes.
You can read more about the update: https://wordpress.org/news/2015/08/wordpress-4-2-4-security-and-maintenance-release/
You can download WordPress 4.2.4: http://wordpress.org/wordpress-4.2.4.zip
WordPress 4.2.3 is now available and should be applied to all your sites as soon as possible as it addresses security issues and contains fixes for 20 bugs from WordPress version 4.2. For more information, see the release notes or view the list of changes.
You can read more about the update: http://wordpress.org/wordpress-4.2.3.zip
WordPress 4.2.2 is now available and should be applied to all your sites as soon as possible as it addresses two security issues, includes hardening for a potential cross-site scripting vulnerability when using the visual editor, and contains 13 bug fixes from 4.2.
You can read more about the update: https://wordpress.org/news/2015/05/wordpress-4-2-2/
You can download WordPress 4.2.2: http://wordpress.org/wordpress-4.2.2.zip
WordPress 4.2.1 is now available and should be applied to all your sites as soon as possible as it contains a critical security update.
You can read more about the update: https://wordpress.org/news/2015/04/wordpress-4-2-1/
You can download WordPress 4.2.1: http://wordpress.org/wordpress-4.2.1.zip
WordPress 4.2 is now available with all sorts of great features including:
- An easier way to share content
- Extended character support (including emoji) 😉
- More embeds (tumblr and Kickstarter)
- Streamlined plugin updates
You can read more about the update: https://wordpress.org/news/2015/04/powell/
You can download WordPress 4.2: http://wordpress.org/wordpress-4.2.zip
WordPress version 4.1.2 is now available to download and contains changes to address the following serious security issues:
- A serious critical cross-site scripting vulnerability, which could enable anonymous users to compromise a site.
- Files with invalid or unsafe names could be upload.
- Some plugins are vulnerable to an SQL injection attack.
- A very limited cross-site scripting vulnerability could be used as part of a social engineering attack.
- Four hardening changes, including better validation of post titles within the Dashboard.
You can read more about the update: https://core.trac.wordpress.org/log/branches/4.1?rev=32234&stop_rev=32144
You can download WordPress 4.1.2: http://wordpress.org/wordpress-4.1.2.zip
Every once and awhile I will see an older version of WordPress when working on something for a client. Yesterday I saw a super blast from the past: WordPress 3.04. This prompted me to do a service announcement: keeping WordPress up to date is easy. Fixing a hacked version of WordPress can be complex.
Let’s break it down:
Keeping WordPress up to date is easy.
- Easiest: automatic background updates (WordPress 3.7+)
- Easy: One-click update (WordPress 2.7+)
- Manual (still pretty easy – but not everyone is comfortable with FTP)
Documentation on updating WordPress: http://codex.wordpress.org/Updating_WordPress
Fixing a hacked version of WordPress can be complex.
- Google can/will blacklist your site with Google Blacklist
- Simple updates take moments, having someone find the source of the hack, fixing it, and cleaning up can take hours.
- Did you really have a good backup? Whoops.
- All passwords, secrets will need to be changed
- Hacks can insert spam into your content. No one wants content spam
- You will need to scan your site for malware to make sure everything is removed so it does not happen again right away
Documentation on what to do if your WordPress site has been hacked: http://codex.wordpress.org/FAQ_My_site_was_hacked
In the end:
You are going to have to update to the latest version of WordPress anyways. You have options (automatic, one click, manual) – not excuses.
WordPress version 4.1.1 is now available to download and contains 21 bug fixes from 4.1. If you have not updated (or are not set up for automatic background updates) – take some time to backup your site and update.
You can read more about the update: http://wordpress.org/wordpress-4.1.1.zip
Happy holidays! WordPress version 4.1 is now available and offers a lot of nice improvements both on the front and back end.
For content publishers – the “Distraction-free writing” option makes authoring great content easier/less distracting.
Users now also have the option to “Log out everywhere” so if you are on a shared computer and forgot to sign out – you can go to your profile and choose “log out everywhere
WordPress 4.1 also offers introduces a new theme called “Twenty Fifteen” which is a beautiful responsive theme.
On the backend – developers now are able to easily work with more complex meta, date, and term queries, have a number of new options in the “Customizer API”, and have better control over the title tag with themes.
You can read more about the update: https://core.trac.wordpress.org/log/branches/4.1?stop_rev=30798&rev=30974
You can download WordPress 4.1: http://wordpress.org/wordpress-4.1.zip