WordPress 4.7.3 is now available. This is a security release for all previous versions and we strongly encourage you to update your sites immediately.
WordPress versions 4.7.2 and earlier are affected by six security issues:
- Cross-site scripting (XSS) via media file metadata. Reported by Chris Andrè Dale, Yorick Koster, and Simon P. Briggs.
- Control characters can trick redirect URL validation. Reported by Daniel Chatfield.
- Unintended files can be deleted by administrators using the plugin deletion functionality. Reported by xuliang.
- Cross-site scripting (XSS) via video URL in YouTube embeds. Reported by Marc Montpas.
- Cross-site scripting (XSS) via taxonomy term names. Reported by Delta.
- Cross-site request forgery (CSRF) in Press This leading to excessive use of server resources. Reported by Sipke Mellema.
Thank you to the reporters for practicing responsible disclosure.
In addition to the security issues above, WordPress 4.7.3 contains 39 maintenance fixes to the 4.7 release series. For more information, see the release notes or consult the list of changes.
Download WordPress 4.7.3 or venture over to Dashboard → Updates and simply click “Update Now.” Sites that support automatic background updates are already beginning to update to WordPress 4.7.3.
Thanks to everyone who contributed to 4.7.3: Aaron D. Campbell, Adam Silverstein, Alex Concha, Andrea Fercia, Andrew Ozz, asalce, blobfolio, bonger, Boone Gorges, Boro Sitnikovski, Brady Vercher, Brandon Lavigne, Bunty, ccprog, chetansatasiya, David A. Kennedy, David Herrera, Dhanendran, Dion Hulse, Dominik Schilling (ocean90), Drivingralle, Ella Van Dorpe, Gary Pendergast, Ian Dunn, Ipstenu (Mika Epstein), James Nylen, jazbek, Jeremy Felt, Jeremy Pry, Joe Hoyle, Joe McGill, John Blackbourn, John James Jacoby, Jonathan Desrosiers, Kelly Dwan, Marko Heijnen, MatheusGimenez, Mike Nelson, Mike Schroder, Muhammet Arslan, Nick Halsey, Pascal Birchler, Paul Bearne, pavelevap, Peter Wilson, Rachel Baker, reldev, Robert O’Rourke, Ryan Welcher, Sanket Parmar, Sean Hayes, Sergey Biryukov, Stephen Edgar, triplejumper12, Weston Ruter, and wpfo.
Like this:
Like Loading...
WordPress 4.7.2 is now available. This is a security release for all previous versions and we strongly encourage you to update your sites immediately.
WordPress versions 4.7.1 and earlier are affected by three security issues:
- The user interface for assigning taxonomy terms in Press This is shown to users who do not have permissions to use it. Reported by David Herrera of Alley Interactive.
WP_Query
is vulnerable to a SQL injection (SQLi) when passing unsafe data. WordPress core is not directly vulnerable to this issue, but we’ve added hardening to prevent plugins and themes from accidentally causing a vulnerability. Reported by Mo Jangda (batmoo).
- A cross-site scripting (XSS) vulnerability was discovered in the posts list table. Reported by Ian Dunn of the WordPress Security Team.
- An unauthenticated privilege escalation vulnerability was discovered in a REST API endpoint. Reported by Marc-Alexandre Montpas of Sucuri Security. *
Thank you to the reporters of these issues for practicing responsible disclosure.
Download WordPress 4.7.2 or venture over to Dashboard → Updates and simply click “Update Now.” Sites that support automatic background updates are already beginning to update to WordPress 4.7.2.
Thanks to everyone who contributed to 4.7.2.
* Update: An additional serious vulnerability was fixed in this release and public disclosure was delayed. For more information on this vulnerability, additional mitigation steps taken, and an explanation for why disclosure was delayed, please read Disclosure of Additional Security Fix in WordPress 4.7.2.
Like this:
Like Loading...
WordPress 4.7 has been downloaded over 10 million times since its release on December 6, 2016 and we are pleased to announce the immediate availability of WordPress 4.7.1. This is a security release for all previous versions and we strongly encourage you to update your sites immediately.
WordPress versions 4.7 and earlier are affected by eight security issues:
- Remote code execution (RCE) in PHPMailer – No specific issue appears to affect WordPress or any of the major plugins we investigated but, out of an abundance of caution, we updated PHPMailer in this release. This issue was fixed in PHPMailer thanks to Dawid Golunski and Paul Buonopane.
- The REST API exposed user data for all users who had authored a post of a public post type. WordPress 4.7.1 limits this to only post types which have specified that they should be shown within the REST API. Reported by Krogsgard and Chris Jean.
- Cross-site scripting (XSS) via the plugin name or version header on
update-core.php
. Reported by Dominik Schilling of the WordPress Security Team.
- Cross-site request forgery (CSRF) bypass via uploading a Flash file. Reported by Abdullah Hussam.
- Cross-site scripting (XSS) via theme name fallback. Reported by Mehmet Ince.
- Post via email checks
mail.example.com
if default settings aren’t changed. Reported by John Blackbourn of the WordPress Security Team.
- A cross-site request forgery (CSRF) was discovered in the accessibility mode of widget editing. Reported by Ronnie Skansing.
- Weak cryptographic security for multisite activation key. Reported by Jack.
Thank you to the reporters for practicing responsible disclosure.
In addition to the security issues above, WordPress 4.7.1 fixes 62 bugs from 4.7. For more information, see the release notes or consult the list of changes.
Download WordPress 4.7.1 or venture over to Dashboard → Updates and simply click “Update Now.” Sites that support automatic background updates are already beginning to update to WordPress 4.7.1.
Thanks to everyone who contributed to 4.7.1: Aaron D. Campbell, Aaron Jorbin, Adam Silverstein, Andrea Fercia, Andrew Ozz, bonger, Boone Gorges, Chandra Patel, Christian Chung, David Herrera, David Shanske, Dion Hulse, Dominik Schilling (ocean90), DreamOn11, Edwin Cromley, Ella van Dorpe, Gary Pendergast, Hristo Pandjarov, James Nylen, Jeff Bowen, Jeremy Felt, Jeremy Pry, Joe Hoyle, Joe McGill, John Blackbourn, Keanan Koppenhaver, Konstantin Obenland, laurelfulford, Marin Atanasov, mattyrob, monikarao, Nate Reist, Nick Halsey, Nikhil Chavan, nullvariable, Payton Swick, Peter Wilson, Presskopp, Rachel Baker, Ryan McCue, Sanket Parmar, Sebastian Pisula, sfpt, shazahm1, Stanimir Stoyanov, Steven Word, szaqal21, timph, voldemortensen, vortfu, and Weston Ruter.
Like this:
Like Loading...
Version 4.7 of WordPress, named “Vaughan” in honor of legendary jazz vocalist Sarah “Sassy” Vaughan, is available for download or update in your WordPress dashboard. New features in 4.7 help you get your site set up the way you want it.
Presenting Twenty Seventeen
A brand new default theme brings your site to life with immersive featured images and video headers.
Twenty Seventeen focuses on business sites and features a customizable front page with multiple sections. Personalize it with widgets, navigation, social menus, a logo, custom colors, and more. Our default theme for 2017 works great in many languages, on any device, and for a wide range of users.
Your Site, Your Way
WordPress 4.7 adds new features to the customizer to help take you through the initial setup of a theme, with non-destructive live previews of all your changes in one uninterrupted workflow.
Theme Starter Content
To help give you a solid base to build from, individual themes can provide starter content that appears when you go to customize your brand new site. This can range from placing a business information widget in the best location to providing a sample menu with social icon links to a static front page complete with beautiful images. Don’t worry – nothing new will appear on the live site until you’re ready to save and publish your initial theme setup.
Edit Shortcuts
Visible icons appear to show you which parts of your site can be customized while live previewing. Click on a shortcut and get straight to editing. Paired with starter content, getting started with customizing your site is faster than ever.
Video Headers
Sometimes a big atmospheric video as a moving header image is just what you need to showcase your wares; go ahead and try it out with Twenty Seventeen. Need some video inspiration? Try searching for sites with video headers available for download and use.
Smoother Menu Building
Many menus for sites contain links to the pages of your site, but what happens when you don’t have any pages yet? Now you can add new pages while building menus instead of leaving the customizer and abandoning your changes. Once you’ve published your customizations, you’ll have new pages ready for you to fill with content.
Custom CSS
Sometimes you just need a few visual tweaks to make your site perfect. WordPress 4.7 allows you to add custom CSS and instantly see how your changes affect your site. The live preview allows you to work quickly without page refreshes slowing you down.
PDF Thumbnail Previews
Managing your document collection is easier with WordPress 4.7. Uploading PDFs will generate thumbnail images so you can more easily distinguish between all your documents.
Dashboard in your language
Just because your site is in one language doesn’t mean that everybody helping manage it prefers that language for their admin. Add more languages to your site and a user language option will show up in your user’s profiles.
Introducing REST API Content Endpoints
WordPress 4.7 comes with REST API endpoints for posts, comments, terms, users, meta, and settings.
Content endpoints provide machine-readable external access to your WordPress site with a clear, standards-driven interface, paving the way for new and innovative methods of interacting with sites through plugins, themes, apps, and beyond. Ready to get started with development? Check out the REST API reference.
Even More Developer Happiness 😊
By opening up the page template functionality to all post types, theme developers have even more flexibility with the WordPress template hierarchy.
More Theme API Goodies
WordPress 4.7 includes new functions, hooks, and behavior for theme developers.
List tables, now with more than bulk edit and delete.
The code that lies beneath actions and filters has been overhauled and modernized, fixing bugs along the way.
Settings Registration API
register_setting() has been enhanced to include type, description, and REST API visibility.
Customize changesets make changes in the customizer persistent, like autosave drafts. They also make exciting new features like starter content possible.
The Squad
This release was led by Helen Hou-Sandí, backed up by Jeff Paul and Aaron Jorbin as Release Deputies, and with the help of these fine individuals. There are 482 contributors with props in this release—the most ever—with 205 of them contributing for the first time. Pull up some sassy Sarah Vaughan on your music service of choice, and check out some of their profiles:
Aaron D. Campbell,
abrightclearweb,
Achal Jain,
achbed,
Acme Themes,
Adam Silverstein,
adammacias,
Ahmad Awais,
ahmadawais,
airesvsg,
ajoah,
Aki Björklund,
akshayvinchurkar,
Alain Schlesser,
Alex Concha,
Alex Dimitrov,
Alex Hon,
alex27,
allancole,
Amanda Rush,
Andrea Fercia,
Andreas Panag,
Andrew Nacin,
Andrew Ozz,
Andrey "Rarst" Savchenko,
Andy Meerwaldt,
Andy Mercer,
Andy Skelton,
Aniket Pant,
Anil Basnet,
Ankit K Gupta,
Anthony Hortin,
antisilent,
Anton Timmermans,
Antti Kuosmanen,
apokalyptik,
artoliukkonen,
Arunas Liuiza,
attitude,
backermann,
Bappi,
Ben Cole,
Bernhard Kau,
BinaryMoon,
Birgir Erlendsson (birgire),
BjornW,
bobbingwide,
boblinthorst,
boboudreau,
bonger,
Boone B. Gorges,
Brady Vercher,
Brainstorm Force,
Brandon Kraft,
Brian Hogg,
Brian Krogsgard,
Bronson Quick,
Caroline Moore,
Casey Driscoll,
Caspie,
Chandra Patel,
Chaos Engine,
cheeserolls,
chesio,
chetansatasiya,
choong,
Chouby,
chredd,
Chris Jean,
Chris Marslender,
Chris Smith,
Chris Van Patten,
Chris Wiegman,
chriscct7,
chriseverson,
Christian Chung,
Christian Nolen,
Christian Wach,
Christoph Herr,
Clarion Technologies,
Claudio Sanches,
Claudio Sanches,
ClaudioLaBarbera,
codemovement.pk,
coderkevin,
codfish,
coreymcollins,
Curdin Krummenacher,
Curtiss Grymala,
Cătălin Dogaru,
danhgilmore,
Daniel Bachhuber ,
Daniel Kanchev,
Daniel Pietrasik,
Daniele Scasciafratte,
Daryl L. L. Houston (dllh),
Dave Pullig,
Dave Romsey (goto10),
David A. Kennedy,
David Chandra Purnama,
David Herrera,
David Lingren,
David Mosterd,
David Shanske,
davidbhayes,
Davide 'Folletto' Casali,
deeptiboddapati,
delphinus,
deltafactory,
Denis de Bernardy,
Derek Herman,
Derrick Hammer,
Derrick Koo,
dimchik,
Dinesh Chouhan,
Dion Hulse,
dipeshkakadiya,
dmsnell,
Dominik Schilling,
Dotan Cohen,
Doug Wollison,
doughamlin,
DreamOn11,
Drew Jaynes,
duncanjbrown,
dungengronovius,
DylanAuty,
Eddie Hurtig,
Eduardo Reveles,
Edwin Cromley,
ElectricFeet,
Elio Rivero,
Ella Iseulde Van Dorpe,
elyobo,
enodekciw,
enshrined,
Eric Andrew Lewis,
Eric Lanehart,
Evan Herman,
Felix Arntz,
Fencer04,
Florian Brinkmann,
Florian TIAR,
FolioVision,
fomenkoandrey,
Frank Klein,
Frankie Jarrett,
frankiet,
Fred,
Fredrik Forsmo,
fuscata,
Gabriel Maldonado,
Garth Mortensen,
Gary Jones,
Gary Pendergast,
Geeky Software,
George Stephanis,
Goran Šerić,
Graham Armfield,
Grant Derepas,
Gregory Karpinsky (@tivnet),
Hardeep Asrani,
Henry Wright,
hiddenpearls,
Hinaloe,
Hristo Pandjarov,
Hugo Baeta,
Iain Poulson,
Ian Dunn,
Ian Edington,
idealien,
Ignacio Cruz Moreno,
imath,
Imnok,
implenton,
Ionut Stanciu,
Ipstenu (Mika Epstein),
ivdimova,
J.D. Grimes,
Jacob Peattie,
Jake Spurlock,
James Nylen,
jamesacero,
Japh,
Jared Cobb,
jayarjo,
jdolan,
jdoubleu,
Jeff Bowen,
Jeffrey de Wit,
Jeremy Felt,
Jeremy Pry,
jimt,
Jip Moors,
jmusal,
Joe Dolson,
Joe Hoyle,
Joe McGill,
Joel James,
johanmynhardt,
John Blackbourn,
John Dittmar,
John James Jacoby,
John P. Bloch,
John Regan,
johnpgreen,
Jon (Kenshino),
Jonathan Bardo,
Jonathan Brinley,
Jonathan Daggerhart,
Jonathan Desrosiers,
Jonny Harris,
jonnyauk,
jordesign,
JorritSchippers,
Joseph Fusco,
Josh Eaton,
Josh Pollock,
joshcummingsdesign,
joshkadis,
Joy,
jrf,
JRGould,
Juanfra Aldasoro,
Juhi Saxena,
Junko Nukaga,
Justin Busa,
Justin Sainton,
Justin Shreve,
Justin Sternberg,
K.Adam White,
kacperszurek,
Kailey (trepmal),
KalenJohnson,
Kat Hagan,
Keanan Koppenhaver,
keesiemeijer,
kellbot,
Kelly Dwan,
Kevin Hagerty,
Kirk Wight,
kitchin,
Kite,
kjbenk,
Knut Sparhell,
koenschipper,
kokarn,
Konstantin Kovshenin,
Konstantin Obenland,
Konstantinos Kouratoras,
kuchenundkakao,
kuldipem,
Laurel Fulford,
Lee Willis,
Leo Baiano,
LittleBigThings (Csaba),
Lucas Stark,
Luke Cavanagh,
Luke Gedeon,
lukepettway,
lyubomir_popov,
mageshp,
Mahesh Waghmare,
Mangesh Parte,
Manish Songirkar,
mantismamita,
Marcel Bootsman,
Marin Atanasov,
Mario Valney,
Marius L. J.,
Mark Jaquith,
Mark Root-Wiley,
Mark Uraine,
Marko Heijnen,
markshep,
matrixik,
Matt Banks,
Matt Jaworski,
Matt King,
Matt Mullenweg,
Matt van Andel,
Matt Wiebe,
Matthew Haines-Young,
mattyrob,
Max Cutler,
Maxime Culea,
Mayo Moriyama,
mbelchev,
mckernanin,
Mel Choyce,
mhowell,
Michael Arestad,
Michael Arestad,
michalzuber,
Mike Auteri,
Mike Crantea,
Mike Glendinning,
Mike Hansen,
Mike Little,
Mike Schroder,
Mike Viele,
Milan Dinić,
modemlooper,
Mohammad Jangda,
Mohan Dere,
monikarao,
morettigeorgiev,
Morgan Estes,
Morten Rand-Hendriksen,
moto hachi ( mt8.biz ),
mrbobbybryant,
Naim Naimov,
Nate Reist,
NateWr,
nathanrice,
Nazgul,
Ned Zimmerman,
net,
Nick Halsey ,
Nicolas GUILLAUME,
Nikhil Chavan,
Nikhil Vimal,
Nikolay Bachiyski,
Nilambar Sharma,
noplanman,
nullvariable,
odie2,
odyssey,
Okamoto Hidetaka,
orvils,
oskosk,
Otto Kekäläinen,
ovann86,
Pascal Birchler,
patilvikasj,
Paul Bearne,
Paul Wilde,
Payton Swick,
pdufour,
Perdaan,
Peter Wilson,
phh,
php,
Piotr Delawski,
pippinsplugins,
pjgalbraith,
pkevan,
Pratik,
Pressionate,
Presskopp,
procodewp,
quasel,
Rachel Baker,
Rahul Prajapati,
Ramanan,
Rami Yushuvaev,
ramiabraham,
ranh,
Red Sand Media Group,
Riad Benguella,
Rian Rietveld,
Richard Tape,
Robert D Payne,
Robert Jolly,
Robert Noakes,
Rocco Aliberti,
Rodrigo Primo,
Rommel Castro,
Ronald Araújo,
Ross Wintle,
Roy Sivan,
Ryan Kienstra,
Ryan McCue,
Ryan Plas,
Ryan Welcher,
Sal Ferrarello,
Sami Keijonen,
Samir Shah,
Samuel Sidler,
Sandesh,
Sang-Min Yoon,
Sanket Parmar,
Sarah Gooding,
Sayed Taqui,
schrapel,
Scott Reilly,
Scott Taylor,
scrappy@hub.org,
scribu,
seancjones,
Sebastian Pisula,
Sergey Biryukov,
Sergio De Falco,
sfpt,
shayanys,
shazahm1,
shprink,
simonlampen,
skippy,
smerriman,
snacking,
Soeren Wrede,
solal,
Stanimir Stoyanov,
Stanko Metodiev,
Steph,
Steph Wells,
Stephanie Leary,
Stephen Edgar,
Stephen Harris,
Steven Word,
stevenlinx,
stubgo,
Sudar Muthu,
Swapnil V. Patil,
swapnild,
szaqal21,
Takahashi Fumiki,
Takayuki Miyauchi,
Tammie Lister,
tapsboy,
Taylor Lovett,
team,
tg29359,
tharsheblows,
the,
themeshaper,
thenbrent,
thomaswm,
Thorsten Frommen,
tierra,
Tim Nash,
Timmy Crawford,
Timothy Jacobs,
timph,
Tkama,
tnegri,
Tom Auger,
Tom J Nowell,
tomdxw,
Toro_Unit (Hiroshi Urabe),
Torsten Landsiedel,
transl8or,
traversal,
Travis Smith,
Triet Minh,
Trisha Salas,
tristangemus,
Truong Giang,
tsl143,
Ty Carlson,
Ulrich,
Utkarsh,
Valeriu Tihai,
Vishal Kakadiya,
vortfu,
Vrunda Kansara,
webbgaraget,
WebMan Design | Oliver Juhas,
websupporter,
Weston Ruter,
William Earnhardt,
williampatton,
Wolly aka Paolo Valenti,
WraithKenny,
yale01,
Yoav Farhi,
Yoga Sukma,
Zach Wills,
Zack Tollman,
Ze Fontainhas,
zhildzik, and
zsusag.
Special thanks go to Rami Abraham for producing the release video and the many fine haiku we saw in the beta and RC announcement posts.
Finally, thanks to all the community translators who worked on WordPress 4.7. Their efforts bring WordPress 4.7 fully translated to 52 languages at release time with more on the way. Additionally, the WordPress 4.7 release video has been captioned into 44 languages.
If you want to follow along or help out, check out Make WordPress and our core development blog. Thanks for choosing WordPress – we hope you enjoy!
Like this:
Like Loading...
We’re at a turning point: 2017 is going to be the year that we’re going to see features in WordPress which require hosts to have HTTPS available. Just as JavaScript is a near necessity for smoother user experiences and more modern PHP versions are critical for performance, SSL just makes sense as the next hurdle our users are going to face.
SSL basically means the link between your browser and the server is encrypted. SSL used to be difficult to implement, and often expensive or slow. Modern browsers, and the incredible success of projects like Let’s Encrypt have made getting a certificate to secure your site fast, free, and something we think every host should support by default, especially in a post-Snowden era. Google also weighs SSL as a search engine ranking factor and will begin flagging unencrypted sites in Chrome.
First, early in 2017, we will only promote hosting partners that provide a SSL certificate by default in their accounts. Later we will begin to assess which features, such as API authentication, would benefit the most from SSL and make them only enabled when SSL is there.
Separately, I also think the performance improvements in PHP7 are particularly impressive, and major kudos to everyone who worked on that. We will consider whether hosts use PHP7 by default for new accounts next year as well.
Like this:
Like Loading...
The release candidate for WordPress 4.7 is now available.
RC means we think we’re done, but with millions of users and thousands of plugins and themes, it’s possible we’ve missed something. We hope to ship WordPress 4.7 on Tuesday, December 6, but we need your help to get there. If you haven’t tested 4.7 yet, now is the time! To test WordPress 4.7, you can use the WordPress Beta Tester plugin or you can download the release candidate here (zip).
WordPress 4.7 is a jam-packed release, with a number of features focused on getting a theme set up for the first time. Highlights include a new default theme, video headers, custom CSS, customizer edit shortcuts, PDF thumbnail previews, user admin languages, REST API content endpoints, post type templates, and more.
We’ve made quite a few refinements since releasing Beta 4 a week ago, including usability and accessibility enhancements for video headers, media and page template support in starter content, and polishing of how custom CSS can be migrated to and extended by plugins and themes. The REST API endpoints saw a number of bugfixes and notably now have anonymous comment off by default.
Not sure where to start with testing? Try setting up a fresh site on a new installation with Twenty Seventeen (hint: head into customizing your site before touching any pages or widgets) and taking notes on what you enjoyed and what got you stuck. For more details about what’s new in version 4.7, check out the Beta 1, Beta 2, Beta 3, and Beta 4 blog posts.
Think you’ve found a bug? Please post to the Alpha/Beta support forum. If any known issues come up, you’ll be able to find them here.
Developers, please test your plugins and themes against WordPress 4.7 and update your plugin’s Tested up to version in the readme to 4.7. If you find compatibility problems please be sure to post to the support forums so we can figure those out before the final release – we work hard to avoid breaking things. An in-depth field guide to developer-focused changes is coming soon on the core development blog.
Do you speak a language other than English? Help us translate WordPress into more than 100 languages! And if you haven’t yet done so, now is a great time to take the Annual WordPress Survey and send it on to your friends.
Happy testing! And now for another Rami Abraham haiku break.
Select your language
Then let your users choose theirs
get_user_locale()
Theme authors rejoice
Any option may employ
Selective refresh
Custom header video
Make sure to add_theme_support
Bling above the fold
A new template dawns
A hierarchy member
Post-type templates live
PDF updates
Pack a parade of polish
Prettier previews
Template Post Type: New
Template Post Type: And Useful
Template Post Type: Thing
Let lists live lively
Laud wp_list_sort()
Less laconic lists
Like this:
Like Loading...
WordPress 4.7 Beta 4 is now available!
This software is still in development, so we don’t recommend you run it on a production site. Consider setting up a test site just to play with the new version. To test WordPress 4.7, try the WordPress Beta Tester plugin (you’ll want “bleeding edge nightlies”). Or you can download the beta here (zip).
For more information on what’s new in 4.7, check out the Beta 1, Beta 2, and Beta 3 blog posts, along with in-depth developer guides on make/core. We’ve made about 60 changes in the last few days for beta 4, including tweaks to Twenty Seventeen, custom CSS, and the REST API content endpoints.
Do you speak a language other than English? Help us translate WordPress into more than 100 languages!
If you think you’ve found a bug, you can post to the Alpha/Beta area in the support forums. We’d love to hear from you! If you’re comfortable writing a reproducible bug report, file one on WordPress Trac, where you can also find a list of known bugs.
We are almost there
Please test your plugins and themes
RC coming soon
Like this:
Like Loading...
The title says it all. We had some great applications for cities to host WordCamp US after we finish up in Philadelphia this year, and the city chosen for 2017-2018 is Nashville, Tennessee.
Based on the other great applications we got I’m also excited about the pipeline of communities that could host it in future years as WordCamp US travels across the United States and gives us an opportunity to learn and love a new city, as we have with Philadelphia.
By the way, if you haven’t yet, now is a great time to take the Annual WordPress Survey and ask your friends to as well.
Photo Credit.
Like this:
Like Loading...
WordPress 4.7 Beta 3 is now available!
This software is still in development, so we don’t recommend you run it on a production site. Consider setting up a test site just to play with the new version. To test WordPress 4.7, try the WordPress Beta Tester plugin (you’ll want “bleeding edge nightlies”). Or you can download the beta here (zip).
For more information on what’s new in 4.7, check out the Beta 1 and Beta 2 blog posts, along with in-depth field guides on make/core. Some of the changes in Beta 3 include:
- REST API: The
unfiltered_html
capability is now respected and rest_base
has been added to response objects of wp/v2/taxonomies
and wp/v2/types
, while get_allowed_query_vars()
and the rest_get_post
filter have been removed.
- Roles/Capabilities: Added meta-caps for comment, term, and user meta, which are currently only used in the REST API.
- I18N: Added the ability to change user’s locale back to site’s locale. (#38632)
- Custom CSS: Renamed the
unfiltered_css
meta capability to edit_css
and added revisions support to the custom_css
post type.
- Edit shortcuts: Theme authors should take a look at the developer guide to the customizer preview’s visible edit shortcuts and update their themes to take advantage of them if not already implementing selective refresh.
- Various bug fixes: We’ve made over 50 changes in the last week.
Do you speak a language other than English? Help us translate WordPress into more than 100 languages!
If you think you’ve found a bug, you can post to the Alpha/Beta area in the support forums. We’d love to hear from you! If you’re comfortable writing a reproducible bug report, file one on WordPress Trac, where you can also find a list of known bugs.
Building the future
A global community
Stronger together
Like this:
Like Loading...
WordPress 4.7 Beta 2 is now available!
This software is still in development, so we don’t recommend you run it on a production site. Consider setting up a test site just to play with the new version. To test WordPress 4.7, try the WordPress Beta Tester plugin (you’ll want “bleeding edge nightlies”). Or you can download the beta here (zip).
Notable changes since WordPress 4.7 Beta 1:
- Twenty Seventeen: The theme wasn’t being installed on upgrades – sorry about that! Now you should see it if you’re upgrading an existing site. There are also plenty of fixes, especially for the header and small screen views.
- Edit shortcuts: These are always visible while editing (hide them on bigger screens by collapsing the controls) and should now work properly in Firefox. (#27403 and #38532)
- REST API endpoints: There have been a number of changes over the past week; your attention is requested on the following:
- The
DELETE
response format has changed and may need to be accounted for. (#38494)
- Enabled querying by multiple post statuses. (#38420)
- Return an error when JSON decoding fails. (#38547)
- More developer notes
- Various bug fixes: We’ve made almost 150 changes in the last week.
For more of what’s new in version 4.7, check out the Beta 1 blog post.
If you want a more in-depth view of what major changes have made it into 4.7, check out posts tagged with 4.7 on the main development blog, or look at a list of everything that’s changed. There will be more developer notes to come, so keep an eye out for those as well.
Do you speak a language other than English? Help us translate WordPress into more than 100 languages!
If you think you’ve found a bug, you can post to the Alpha/Beta area in the support forums. We’d love to hear from you! If you’re comfortable writing a reproducible bug report, file one on WordPress Trac, where you can also find a list of known bugs.
Happy testing!
Ya es la hora
Time for another beta
请您帮下忙!
Like this:
Like Loading...
Older Posts »