Welcome to ManageWP.org

Register to share, discuss and vote for the best WordPress stories every day, find new ideas and inspiration for your business and network with other members of the WordPress community. Join the #1 WordPress news community!

×

Community | wordpress.org | Aug. 3, 2018

WordPress 4.9.8 Maintenance Release

We are pleased to announce the immediate availability of WordPress 4.9.8. This maintenance release fixes 46 bugs, enhancements and blessed tasks, including updating the Twenty Seventeen bundled theme.

WordPress 4.9.8 Maintenance Release

Community | wordpress.org | Aug. 3, 2018

We are pleased to announce the immediate availability of WordPress 4.9.8. This maintenance release fixes 46 bugs, enhancements and blessed tasks, including updating the Twenty Seventeen bundled theme. Following are the highlights of what is now available.
“Try Gutenberg” callout
Most users will now be presented with a notice in their WordPress dashboard. This “Try Gutenberg” is an opportunity for users to use the Gutenberg block editor before it is released in WordPress 5.0.
In WordPress 4.9.8, the callout will be shown to the following users:
If Gutenberg is not installed or activated, the callout will be shown to Admin users on single sites, and Super Admin users on multisites.
If Gutenberg is installed and activated, the callout will be shown to Contributor users and above.
If the Classic Editor plugin is installed and activated, the callout will be hidden for all users.
You can learn more by reading “Try Gutenberg” Callout in WordPress 4.9.8.
Privacy fixes/enhancements
This release includes 18 Privacy fixes focused on ensuring consistency and flexibility in the new personal data tools that were added in 4.9.6, including:
The type of request being

7 min read Donna Cavalier
Community | wordpress.org | Dec. 3, 2017

Gutenberg: The Official Introduction

WordPress.org's attempt at introducing the world to Gutenberg. Shares some information around compatibility and future roadmap.

Gutenberg: The Official Introduction

Community | wordpress.org | Dec. 3, 2017

A new publishing experience for WordPress is in the works: get ready to make your words, pictures, and layout look as good on screen as they do in your imagination, without any code. You might have heard of this project — it’s called Gutenberg, after another invention that revolutionized publishing — but are wondering what it means for you. Who will see the biggest difference, and what it will change for your everyday workflows? Everyone, and everything. The Gutenberg editor uses blocks to create all types of content, replacing a half-dozen inconsistent ways of customizing WordPress, bringing it in line with modern coding standards, and aligning with open web initiatives. These content blocks transform how users, developers, and hosts interact with WordPress to make building rich web content easier and more intuitive, democratizing publishing — and work — for everyone, regardless of technical ability.
It’s great that so many people think WordPress is the best way to get their ideas on the web, and it’s easy to unlock the power of WordPress if you know how to write code — but not everyone does. And now, you won’t need to.
Discover

11 min read David Bisset
Development | wordpress.org | Jun. 8, 2017

WordPress 4.8 “Evans” Is Out!

WordPress 4.8 is out, named “Evans” in honor of William John “Bill” Evans. Grab now and bask in the glory of a fresh new release.

WordPress 4.8 “Evans” Is Out!

Development | wordpress.org | Jun. 8, 2017

An Update with You in Mind Gear up for a more intuitive WordPress!
Version 4.8 of WordPress, named “Evans” in honor of jazz pianist and composer William John “Bill” Evans, is available for download or update in your WordPress dashboard. New features in 4.8 add more ways for you to express yourself and represent your brand.
Though some updates seem minor, they’ve been built by hundreds of contributors with you in mind. Get ready for new features you’ll welcome like an old friend: link improvements, three new media widgets covering images, audio, and video, an updated text widget that supports visual editing, and an upgraded news section in your dashboard which brings in nearby and upcoming WordPress events.
Exciting Widget Updates
Image Widget
Adding an image to a widget is now a simple task that is achievable for any WordPress user without needing to know code. Simply insert your image right within the widget settings. Try adding something like a headshot or a photo of your latest weekend adventure — and see it appear automatically.
Video Widget
A welcome video is a great way to humanize the branding of your website. You can now add any video

Community | wordpress.org | Apr. 4, 2018

WordPress 4.9.5 Security and Maintenance Release

WordPress 4.9.5 is here. This is a security and maintenance release for all versions since WordPress 3.7. We strongly encourage you to update your sites immediately.

WordPress 4.9.5 Security and Maintenance Release

Community | wordpress.org | Apr. 4, 2018

WordPress 4.9.5 is now available. This is a security and maintenance release for all versions since WordPress 3.7. We strongly encourage you to update your sites immediately. WordPress versions 4.9.4 and earlier are affected by three security issues. As part of the core team's ongoing commitment to security hardening, the following fixes have been implemented in 4.9.5:
Don't treat localhost as same host by default.
Use safe redirects when redirecting the login page if SSL is forced.
Make sure the version string is correctly escaped for use in generator tags.
Thank you to the reporters of these issues for practicing coordinated security disclosure: xknown of the WordPress Security Team, Nitin Venkatesh (nitstorm), and Garth Mortensen of the WordPress Security Team.
Twenty-five other bugs were fixed in WordPress 4.9.5. Particularly of note were:
The previous styles on caption shortcodes have been restored.
Cropping on touch screen devices is now supported.
A variety of strings such as error messages have been updated for better clarity.
The position of an attachment placeholder during uploads has been fixed.
Custom nonce functionality in the REST API JavaScript client has been made consistent

1 min read Asphalt Themes
Community | wordpress.org | Jul. 10, 2018

Cvee - WordPress Professional CV theme

Fully professional WordPress CV theme you can use to create online professional CV on the get go.

Cvee - WordPress Professional CV theme

Community | wordpress.org | Jul. 10, 2018

Fully professional WordPress CV theme, You can use this theme to create online professional CV on the get go. Cvee is perfect for WordPress CV theme. The theme comes with Full width layout, easy Logo upload. Cvee is 100% responsive built with HTML5 and CSS3, it is SEO friendly, mobile optimized and retina ready, thoroughly tested by WordPress coding standard has clean and a bloat free code, you can flesh out free CV, vCard, curriculam vitae or resume website. The best free WordPress CV theme 2018.

Community | wordpress.org | May. 17, 2018

WordPress 4.9.6 Privacy and Maintenance Release

WordPress 4.9.6 is now available. This is a privacy and maintenance release. We encourage you to update your sites to take advantage of the new privacy features. Privacy The European Union's General Data Protection Regulation (GDPR) takes effect on May 25.

WordPress 4.9.6 Privacy and Maintenance Release

Community | wordpress.org | May. 17, 2018

WordPress 4.9.6 is now available. This is a privacy and maintenance release. We encourage you to update your sites to take advantage of the new privacy features. Privacy
The European Union’s General Data Protection Regulation (GDPR) takes effect on May 25. The GDPR requires companies and site owners to be transparent about how they collect, use, and share personal data. It also gives individuals more access and choice when it comes to how their own personal data is collected, used, and shared.
It’s important to understand that while the GDPR is a European regulation, its requirements apply to all sites and online businesses that collect, store, and process personal data about EU residents no matter where the business is located.
You can learn more about the GDPR from the European Commission’s Data Protection page.
We’re committed to supporting site owners around the world in their work to comply with this important law. As part of that effort, we’ve added a number of new privacy features in this release.
Comments
Logged-out commenters will be given a choice on whether their name, email address, and website are saved in a cookie on their browser.
Privacy

2 min read Donna Cavalier
Development | wordpress.org | Nov. 19, 2017

The Official WordPress Gutenberg Handbook

This is where the all of the Gutenberg documentation, guidelines, and development details are being kept.

The Official WordPress Gutenberg Handbook

Development | wordpress.org | Nov. 19, 2017

“Gutenberg” is the codename for the 2017 WordPress editor focus. The goal of this focus is to create a new post and page editing experience that makes it easy for anyone to create rich post layouts. This was the kickoff goal: The editor will endeavour to create a new page and post building experience that makes writing rich posts effortless, and has “blocks” to make it easy what today might take shortcodes, custom HTML, or “mystery meat” embed discovery.
Key take-aways from parsing that paragraph:
Authoring richly laid out posts is a key strength of WordPress.
By embracing “the block”, we can potentially unify multiple different interfaces into one. Instead of learning how to write shortcodes, custom HTML, or paste URLs to embed, you should do with just learning the block, and all the pieces should fall in place.
“Mystery meat” refers to hidden features in software, features that you have to discover. WordPress already supports a large amount of blocks and 30+ embeds, so let’s surface them.
Gutenberg is being developed on GitHub, and you can try an early beta version today from the plugin repository. Though keep in mind

3 min read David Bisset
Development | wordpress.org | Oct. 31, 2017

WordPress 4.9 Release Candidate

RC - it's almost done. If you haven't tested, now's the time to jump in. WordPress 4.9 scheduled to be launched on Tuesday, November 14.

WordPress 4.9 Release Candidate

Development | wordpress.org | Oct. 31, 2017

The release candidate for WordPress 4.9 is now available. RC means we think we’re done, but with millions of users and thousands of plugins and themes, it’s possible we’ve missed something. We hope to ship WordPress 4.9 on Tuesday, November 14, but we need your help to get there. If you haven’t tested 4.9 yet, now is the time!
To test WordPress 4.9, you can use the WordPress Beta Tester plugin or you can download the release candidate here (zip).
We’ve made almost 30 changes since releasing Beta 4 last week. For more details about what’s new in version 4.9, check out the Beta 1, Beta 2, Beta 3, and Beta 4 blog posts.
Developers, please test your plugins and themes against WordPress 4.9 and update your plugin’s Tested up to version in the readme to 4.9. If you find compatibility problems please be sure to post to the support forums so we can figure those out before the final release — we work hard to avoid breaking things. An in-depth field guide to developer-focused changes is coming soon on the core development blog. In the meantime, you can review the developer notes for 4.9.
Do you speak a language other than English? Help us translate

2 min read David Bisset
Development | wordpress.org | Jan. 26, 2017

WordPress 4.7.2 Security Release

This is a security release so better get to updating. Three issues including WP_Query being vulnerable to a SQL injection and a cross-site scripting (XSS) vulnerability.

WordPress 4.7.2 Security Release

Development | wordpress.org | Jan. 26, 2017

WordPress 4.7.2 is now available. This is a security release for all previous versions and we strongly encourage you to update your sites immediately. WordPress versions 4.7.1 and earlier are affected by three security issues:
The user interface for assigning taxonomy terms in Press This is shown to users who do not have permissions to use it. Reported by David Herrera of Alley Interactive.
WP_Query is vulnerable to a SQL injection (SQLi) when passing unsafe data. WordPress core is not directly vulnerable to this issue, but we’ve added hardening to prevent plugins and themes from accidentally causing a vulnerability. Reported by Mo Jangda (batmoo).
A cross-site scripting (XSS) vulnerability was discovered in the posts list table. Reported by Ian Dunn of the WordPress Security Team.
Thank you to the reporters of these issues for practicing responsible disclosure.
Download WordPress 4.7.2 or venture over to Dashboard → Updates and simply click “Update Now.” Sites that support automatic background updates are already beginning to update to WordPress 4.7.2.
Thanks to everyone who contributed to 4.7.2.

2 min read David Bisset
Development | wordpress.org | May. 15, 2017

WordPress Now on HackerOne

HackerOne is a platform for security researchers to report vulnerabilities. With the announcement also comes introduction bug bounties!

WordPress Now on HackerOne

Development | wordpress.org | May. 15, 2017

WordPress has grown a lot over the last thirteen years – it now powers more than 28% of the top ten million sites on the web. During this growth, each team has worked hard to continually improve their tools and processes. Today, the WordPress Security Team is happy to announce that WordPress is now officially on HackerOne! HackerOne is a platform for security researchers to securely and responsibly report vulnerabilities to our team. It provides tools that improve the quality and consistency of communication with reporters, and will reduce the time spent on responding to commonly reported issues. This frees our team to spend more time working on improving the security of WordPress.
The security team has been working on this project for quite some time. Nikolay Bachiyski started the team working on it just over a year ago. We ran it as a private program while we worked out our procedures and processes, and are excited to finally make it public.
With the announcement of the WordPress HackerOne program we are also introducing bug bounties. Bug bounties let us reward reporters for disclosing issues to us and helping us secure our products and infrastructure. We’ve already awarded

7 min read David Bisset
Community | wordpress.org | Jul. 4, 2017

Why Wangguard Was Closed

This is something i think the community should know. Regardless if you used Wangguard or not, take a moment and read the reason why the developer stopped.

Why Wangguard Was Closed

Community | wordpress.org | Jul. 4, 2017

Many people have been wondering why WangGuard closed for good. It is a question that I have come across more or less frequently in the WordPress forums, the official WordPress.org Slack, Twitter, and so on. I have never answered, but I feel that now the time has come to explain, since thousands of sites worldwide were using this plugin and there are conjectures everywhere.
From what I’ve seen, those conjectures can be anything from the economic ones, the professional ones, or the “he closed it just because” ones.
None of the above fits in the least with reality. Yes, WangGuard had a high server cost for me, but SiteGround had started to sponsor WangGuard, and hence that cost was gone. The only “cost” left was the time that I dedicated to the plugin. As to the professional one, that I had started to work for a company and had no time left, of course not. I still feel very comfortable working for myself, even though I can work more or less regularly for important companies, who know that I am a free agent. The “just because” conjecture is the most absurd of all: WangGuard was created to help people with a very big problem on the internet, particularly

2 min read David Bisset
Development | wordpress.org | Apr. 20, 2017

WordPress 4.7.4 Maintenance Release

WordPress 4.7.4, a maintenance release, is out. Contains 47 maintenance fixes and enhancements. Go get it or let auto-update work its magic.

WordPress 4.7.4 Maintenance Release

Development | wordpress.org | Apr. 20, 2017

After almost sixty million downloads of WordPress 4.7, we are pleased to announce the immediate availability of WordPress 4.7.4, a maintenance release. This release contains 47 maintenance fixes and enhancements, chief among them an incompatibility between the upcoming Chrome version and the visual editor, inconsistencies in media handling, and further improvements to the REST API. For a full list of changes, consult the release notes and the list of changes.
Download WordPress 4.7.4 or visit Dashboard → Updates and simply click “Update Now.” Sites that support automatic background updates are already beginning to update to WordPress 4.7.4.
Thanks to everyone who contributed to 4.7.4:
Aaron Jorbin, Adam Silverstein, Andrea Fercia, Andrew Ozz, aussieguy123, Blobfolio, boldwater, Boone Gorges, Boro Sitnikovski, chesio, Curdin Krummenacher, Daniel Bachhuber, Darren Ethier (nerrad), David A. Kennedy, davidbenton, David Herrera, Dion Hulse, Dominik Schilling (ocean90), eclev91, Ella Van Dorpe, Gustave F. Gerhardt, ig_communitysites, James Nylen, Joe Dolson, John Blackbourn, karinedo, lukasbesch, maguiar, MatheusGimenez, Matthew Boynes, Matt Wiebe, Mayur Keshwani, Mel Choyce,

2 min read David Bisset
Development | wordpress.org | May. 13, 2017

WordPress 4.8 Beta 1

Smaller release than i think was expected, but includes improved visual editor experience, WordPress event locator, and a few other shiny things.

WordPress 4.8 Beta 1

Development | wordpress.org | May. 13, 2017

We’re planning a smaller WP release early next month, bringing in three major enhancements: An improved visual editor experience, with a new TinyMCE that allows you navigate more intuitively in and out of inline elements like links. (Try it out to see, it’s hard to describe.)
A revamp of the dashboard news widget to bring in nearby and upcoming events including meetups and WordCamps.
Several new media widgets covering images, audio, and video, and an enhancement to the text widget to support visual editing.
The first beta of 4.8 is now available for testing. You can use the beta tester plugin (or just run trunk) to try the latest and greatest, and each of these areas could use a ton of testing. Our goals are to make editing posts with links more intuitive, make widgets easier for new users and more convenient for existing ones, and get many more people aware of and attending our community events.
Four point eight is here
Small changes with a big punch
Big ones come later

2 min read David Bisset
Development | wordpress.org | Nov. 29, 2017

WordPress 4.9.1 Security and Maintenance Release

This is a security and maintenance release and like most you should upgrade as soon as possible. Also a few other bugs addressed.

WordPress 4.9.1 Security and Maintenance Release

Development | wordpress.org | Nov. 29, 2017

WordPress 4.9.1 is now available. This is a security and maintenance release for all versions since WordPress 3.7. We strongly encourage you to update your sites immediately. WordPress versions 4.9 and earlier are affected by four security issues which could potentially be exploited as part of a multi-vector attack. As part of the core team's ongoing commitment to security hardening, the following fixes have been implemented in 4.9.1:
Use a properly generated hash for the newbloguser key instead of a determinate substring.
Add escaping to the language attributes used on html elements.
Ensure the attributes of enclosures are correctly escaped in RSS and Atom feeds.
Remove the ability to upload JavaScript files for users who do not have the unfiltered_html capability.
Thank you to the reporters of these issues for practicing responsible security disclosure: Rahul Pratap Singh and John Blackbourn.
Eleven other bugs were fixed in WordPress 4.9.1. Particularly of note were:
Issues relating to the caching of theme template files.
A MediaElement JavaScript error preventing users of certain languages from being able to upload media files.
The inability to edit theme and plugin files on Windows

2 min read Ahmad Awais
Plugins | wordpress.org | Jun. 17, 2017

Gutenberg Editor Plugin

#WCEU The new WP plugin for Gutenberg editor is here. It's only v0.1 right now. Try it out!

Gutenberg Editor Plugin

Plugins | wordpress.org | Jun. 17, 2017

Description The goal of the block editor is to make adding rich content to WordPress simple and enjoyable.
Warning: This is beta software, do not run on production sites!
The new post and page building experience will make writing rich posts effortless, making it easy to do what today might take shortcodes, custom HTML, or “mystery meat” embed discovery.
WordPress already supports a large amount of “blocks”, but doesn’t surface them very well, nor does it give them much in the way of layout options. By embracing the blocky nature of rich post content, we will surface the blocks that already exist, as well as provide more advanced layout options for each of them. This will allow you to easily compose beautiful posts like this example.
This plugin is being actively developed by many contributors. You can follow along on github.com/WordPress/gutenberg and on the #editor tag on the make.wordpress.org blog.
Contributors & Developers

11 min read David Bisset
Development | wordpress.org | Nov. 16, 2017

WordPress 4.9 “Tipton”

Named “Tipton” for the jazz musician and band leader Billy Tipton... Featuring design drafts, scheduling, and locking, along with preview links... over 443 contributors!

WordPress 4.9 “Tipton”

Development | wordpress.org | Nov. 16, 2017

Major Customizer Improvements, Code Error Checking, and More! Version 4.9 of WordPress, named “Tipton” in honor of jazz musician and band leader Billy Tipton, is available for download or update in your WordPress dashboard. New features in 4.9 will smooth your design workflow and keep you safe from coding errors.
Featuring design drafts, scheduling, and locking, along with preview links, the Customizer workflow improves collaboration for content creators. What’s more, code syntax highlighting and error checking will make for a clean and smooth site building experience. Finally, if all that wasn’t pretty great, we’ve got an awesome new Gallery widget and improvements to theme browsing and switching.
Customizer Workflow Improved
Yes, you read that right. Just like you can draft and revise posts and schedule them to go live on the date and time you choose, you can now tinker with your site’s design and schedule those design changes to go live as you please.
Collaborate with Design Preview Links
Need to get some feedback on proposed site design changes? WordPress 4.9 gives you a preview link you can send to colleagues and customers so that you can collect

3 min read David Bisset
Development | wordpress.org | Sep. 20, 2017

WordPress 4.8.2 Security and Maintenance Release

A security release but also containing 6 maintenance fixes. Get your upgrade a-going people!

WordPress 4.8.2 Security and Maintenance Release

Development | wordpress.org | Sep. 20, 2017

WordPress 4.8.2 is now available. This is a security release for all previous versions and we strongly encourage you to update your sites immediately. WordPress versions 4.8.1 and earlier are affected by these security issues:
$wpdb->prepare() can create unexpected and unsafe queries leading to potential SQL injection (SQLi). WordPress core is not directly vulnerable to this issue, but we’ve added hardening to prevent plugins and themes from accidentally causing a vulnerability. Reported by Slavco
A cross-site scripting (XSS) vulnerability was discovered in the oEmbed discovery. Reported by xknown of the WordPress Security Team.
A cross-site scripting (XSS) vulnerability was discovered in the visual editor. Reported by Rodolfo Assis (@brutelogic) of Sucuri Security.
A path traversal vulnerability was discovered in the file unzipping code. Reported by Alex Chapman (noxrnet).
A cross-site scripting (XSS) vulnerability was discovered in the plugin editor. Reported by 陈瑞琦 (Chen Ruiqi).
An open redirect was discovered on the user and term edit screens. Reported by Yasin Soliman (ysx).
A path traversal vulnerability was discovered in the customizer. Reported by Weston Ruter of the

5 min read David Bisset
Development | wordpress.org | Oct. 5, 2017

WordPress 4.9 Beta 1

WordPress 4.9 is slated for release on November 14 but this is the first beta. Time to start testing!

WordPress 4.9 Beta 1

Development | wordpress.org | Oct. 5, 2017

WordPress 4.9 Beta 1 is now available! This software is still in development, so we don’t recommend you run it on a production site. Consider setting up a test site just to play with the new version. To test WordPress 4.9, try the WordPress Beta Tester plugin (you’ll want “bleeding edge nightlies”). Or you can download the beta here (zip).
WordPress 4.9 is slated for release on November 14, but we need your help to get there. We’ve been working on making it even easier to customize your site. Here are some of the bigger items to test and help us find as many bugs as possible in the coming weeks:
Drafting (#39896) and scheduling (#28721) of changes in the Customizer. Once you save or schedule a changeset, when any user comes into the Customizer the pending changes will be autoloaded. A button is provided to discard changes to restore the Customizer to the last published state. (This is a new “linear” mode for changesets, as opposed to “branching” mode which can be enabled by filter so that every time user opens the Customizer a new blank changeset will be started.)
Addition of a frontend preview link to the Customizer to allow changes

2 min read Richard Bruce
Plugins | wordpress.org | May. 23, 2018

FIT: Featured Image Toolkit

My first plugin to help others offer a simple solution for content editors and answer the question we've all been asked asked hundreds of times "what size should the featured image be?".

FIT: Featured Image Toolkit

Plugins | wordpress.org | May. 23, 2018

Description FIT: FEATURED IMAGE TOOLKIT
Featured Image Toolkit allows you to set minimum size requirements for featured images. Content editors are shown warnings in both the edit post screen and the featured image popup / modal if they are attempting to use an image which is too small.
This plugin was made for other developers and WP implementers who are asked everyday by their clients \’what size should our featured images be\’. Rather than having your clients write it down on a bit of paper, loose it, upload images which are far too small and look awful why not show them a nice helpful warning and guide them within the edit post screen?
FIT to the rescue! This plugin allows you to:
– Set minimum sizes for posts and pages.
– Warn editors if they are trying to use small images.
– Visually guide editors when using the featured image library.
PREMIUM SUPPORT AND FEATURES
Premium support is available for FIT, we also offer the following features to premium users:
Works for all post types with thumbnail support enabled
Prevent setting the featured image if it does not met the size requirements
Customise the image warning messages
WooCommerce product image

8 min read David Bisset
Development | wordpress.org | Dec. 6, 2016

WordPress 4.7 “Vaughan” Is Released!

It's here! Version 4.7 of WordPress, named “Vaughan” in honor of legendary jazz vocalist Sarah “Sassy” Vaughan.

WordPress 4.7 “Vaughan” Is Released!

Development | wordpress.org | Dec. 6, 2016

Version 4.7 of WordPress, named “Vaughan” in honor of legendary jazz vocalist Sarah “Sassy” Vaughan, is available for download or update in your WordPress dashboard. New features in 4.7 help you get your site set up the way you want it. Introducing WordPress 4.7Get Link to Video
Share
Play Video
Presenting Twenty Seventeen
A brand new default theme brings your site to life with immersive featured images and video headers.
Twenty Seventeen focuses on business sites and features a customizable front page with multiple sections. Personalize it with widgets, navigation, social menus, a logo, custom colors, and more. Our default theme for 2017 works great in many languages, on any device, and for a wide range of users.
Your Site, Your Way
WordPress 4.7 adds new features to the customizer to help take you through the initial setup of a theme, with non-destructive live previews of all your changes in one uninterrupted workflow.
Theme Starter Content
https://wordpress.org/news/files/2016/12/starter-content.mp4
To help give you a solid base to build from, individual themes can provide starter content that appears when you go to customize your brand new site. This can

2 min read David Bisset
Development | wordpress.org | Aug. 2, 2017

WordPress 4.8.1 Maintenance Release

Come and get it! This update has some maintenance fixes and enhancements, mainly: (1) fixes to the rich Text widget and (2) introduction of the Custom HTML widget.

WordPress 4.8.1 Maintenance Release

Development | wordpress.org | Aug. 2, 2017

After over 13 million downloads of WordPress 4.8, we are pleased to announce the immediate availability of WordPress 4.8.1, a maintenance release. This release contains 29 maintenance fixes and enhancements, chief among them are fixes to the rich Text widget and the introduction of the Custom HTML widget. For a full list of changes, consult the release notes, the tickets closed, and the list of changes.
Download WordPress 4.8.1 or visit Dashboard → Updates and simply click “Update Now.” Sites that support automatic background updates are already beginning to update to WordPress 4.8.1.
Thanks to everyone who contributed to 4.8.1:
Adam Silverstein, Andrea Fercia, Andrew Ozz, Atanas Angelov, bonger, Boone Gorges, Boro Sitnikovski, David Herrera, James Nylen, Jeffrey Paul, Jennifer M. Dodd, K. Adam White, Konstantin Obenland, Mel Choyce, r-a-y, Reuben Gunday, Rinku Y, Said El Bakkali, Sergey Biryukov, Siddharth Thevaril, Timmy Crawford, and Weston Ruter.

3 min read Donna Cavalier
Security | wordpress.org | Mar. 6, 2017

WordPress 4.7.3 Security and Maintenance Release

Quite a few security issues fixed in this one, yikes.

WordPress 4.7.3 Security and Maintenance Release

Security | wordpress.org | Mar. 6, 2017

WordPress 4.7.3 is now available. This is a security release for all previous versions and we strongly encourage you to update your sites immediately. WordPress versions 4.7.2 and earlier are affected by six security issues:
Cross-site scripting (XSS) via media file metadata. Reported by Chris Andrè Dale, Yorick Koster, and Simon P. Briggs.
Control characters can trick redirect URL validation. Reported by Daniel Chatfield.
Unintended files can be deleted by administrators using the plugin deletion functionality. Reported by xuliang.
Cross-site scripting (XSS) via video URL in YouTube embeds. Reported by Daniel Cid.
Cross-site scripting (XSS) via taxonomy term names. Reported by Delta.
Cross-site request forgery (CSRF) in Press This leading to excessive use of server resources. Reported by Sipke Mellema.
Thank you to the reporters for practicing responsible disclosure.
In addition to the security issues above, WordPress 4.7.3 contains 39 maintenance fixes to the 4.7 release series. For more information, see the release notes or consult the list of changes.
Download WordPress 4.7.3 or venture over to Dashboard → Updates and simply click “Update Now.” Sites that

4 min read Jakub Mikita
Plugins | wordpress.org | Mar. 21, 2018

Notification – Custom Notifications and Alerts for WordPress

Notification system for regular users and developers made super simple. The next big thing for WordPress.

Notification – Custom Notifications and Alerts for WordPress

Plugins | wordpress.org | Mar. 21, 2018

Description Custom Notifications and Alerts without a hassle. Notify anyone about any action in your WordPress. With powerful Merge Tags, you can endlessly customize your messages. Set unlimited Notifications in your WordPress Admin via the beautiful and intuitive interface within 5 minutes.
HOW DOES IT WORK
The Notification plugin is built with three main components:
Trigger – a WordPress action, ie. User registration or Post publication
Notification – the thing which is being sent, ie. Email or Push
Merge Tag – dynamic content, ie. {user_email} or {post_permalink}
You can use them in any combination, adding as many Notifications as you want. They can be sent to multiple Recipients with the content you write.
The process is simple:
You select the Trigger
Compose your message with Merge Tags
Set Recipients
Save the Notification
From now on the Notification is working. Test it out and add more!
PERFECT FOR DEVELOPERS
The Notification plugin is easy to set in the WordPress Admin, but it’s even easier to extend with some sweet API.
You can create your own Triggers with any WordPress action. If you do in your code do_action( 'my_plugin_doing_awesome_thing' ) you

2 min read Donna Cavalier
Community | wordpress.org | Feb. 6, 2018

WordPress 4.9.4 Maintenance Release

WordPress 4.9.4 is now available. This maintenance release fixes a severe bug in 4.9.3, released yesterday, which will cause sites that support automatic background updates to fail to update automatically, and will require action from you (or your host) for it to be updated to 4.9.4.

WordPress 4.9.4 Maintenance Release

Community | wordpress.org | Feb. 6, 2018

WordPress 4.9.4 is now available. This maintenance release fixes a severe bug in 4.9.3, which will cause sites that support automatic background updates to fail to update automatically, and will require action from you (or your host) for it to be updated to 4.9.4.
Four years ago with WordPress 3.7 “Basie”, we added the ability for WordPress to self-update, keeping your website secure and bug-free, even when you weren’t available to do it yourself. For four years it’s helped keep millions of installs updated with very few issues over that time. Unfortunately yesterdays 4.9.3 release contained a severe bug which was only discovered after release. The bug will cause WordPress to encounter an error when it attempts to update itself to WordPress 4.9.4, and will require an update to be performed through the WordPress dashboard or hosts update tools.
WordPress managed hosting companies who install updates automatically for their customers can install the update as normal, and we’ll be working with other hosts to ensure that as many customers of theirs who can be automatically updated to WordPress 4.9.4 can be.
For more technical details of the issue, we’ve