This security release features four security fixes. Because this is a security release, it is recommended that you update your sites immediately. All versions since WordPress 3.7 have also been updated.
WordPress 5.8.3 is a short-cycle security release. The next major release will be version 5.9, which is already in the Release Candidate stage.
You can update to WordPress 5.8.3 by downloading from WordPress.org or visiting your Dashboard → Updates and clicking Update Now.
If you have sites that support automatic background updates, they’ve already started the update process.
Security Updates
Four security issues affect WordPress versions between 3.7 and 5.8. If you haven’t yet updated to 5.8, all WordPress versions since 3.7 have also been updated to fix the following security issue (except where noted otherwise):
Props to Karim El Ouerghemmi and Simon Scannell of SonarSource for disclosing an issue with stored XSS through post slugs.
Props to Simon Scannell of SonarSource for reporting an issue with Object injection in some multisite installations.
Props to Ben Bidner from the WordPress security team for reporting a SQL injection vulnerability in WP_Meta_Query (only relevant to versions 4.1-5.8).
Thank you to all of the reporters above for privately disclosing the vulnerabilities. This gave the security team time to fix the vulnerabilities before WordPress sites could be attacked. Thank you to the members of the WordPress security team for implementing these fixes in WordPress.
December was a busy month for the WordPress community. In the latest episode of the WP Briefing podcast, WordPress Executive Director Josepha Haden Chomphosy shares a carol of thanks and shows her gratitude to all the people who make the WordPress project a success.
(…) I know that we have gotten so much done together in the last few years. And I am equally sure that we’re going to get so much done in the years to come. And so thank you all so much for your continued work with WordPress and the way that you just bring your best at all times.
Josepha Haden, Executive Director of the WordPress project
We said goodbye to 2021 with the annual State of the Word, along with the release of WordPress 5.9 Beta 4, among many other exciting updates. Read on to learn more about the latest community achievements.
WordPress 5.9: The first release candidate just landed
With less than three weeks to go until the final release, this version continues the work from last year and marks the hard string freeze point of the 5.9 release schedule.
Are you interested in contributing to WordPress core? Join the #core channel, follow the Core Team blog, and check out the team handbook. Also, don’t miss the Core Team’s weekly developer chat on Wednesdays at 8 PM UTC.
Gutenberg releases: Versions 12.1 and 12.2 are here
The Core Team launched two new versions of Gutenberg last month. Both come with new features, code quality improvements, and bug fixes.
Gutenberg 12.1 marks the return of the template List View and includes several Navigation block enhancements, new global styles features, an improved developer experience for block themes, and more.
The Gutenberg 12.2 release focuses on user experience improvements and brings the block styles preview to the Widgets Editor, among other new features.
State of the Word 2021, the annual keynote address delivered by WordPress co-founder Matt Mullenweg, was livestreamed from New York City on December 14, 2021. The event gathered WordPress enthusiasts at 29 watch parties around the world.
Matt shared his thoughts on the progress of the WordPress project and made announcements regarding its future in 2022. The presentation was followed by a Question and Answer session.
In 2021, 2572 people contributed to WordPress source code using Trac, including 305 first-timers. Check out A Year in Core – 2021 for more interesting stats on WordPress Core contributions.
The Diverse Speaker Training Group (#WPDiversity) shared its accomplishments from last year in this 2021 year-end report.
The Training Team planned a sprint to audit and revisit the Learn WordPress content for the WordPress 5.9 release.
The Design Team summarized some of the key changes behind the Openverse redesign.
Feedback/Testing requests: Contribute by testing or translating WordPress 5.9
Your feedback on WordPress 5.9 release candidates is still needed and appreciated! If you haven’t tried this version yet, you can find instructions on testing 5.9 features in this post.
Apply to speak or host a workshop at WordCamp Europe 2022
WordCamp US 2022 is currently looking for organizers.
The WordPress community celebrated its first in-person WordCamp after 21 months in Sevilla (Spain) on December 11-12, 2021. WordCamp Taiwan was held online the same weekend.
The Training Team hosted several WordPress Social Learning Meetups last month, and there will be many more in January 2022.
Last year the WordPress Foundation made significant progress in its mission to educate the public about open source software. Learn more about it in this 2021 recap.
The Call For Sponsors and Call For Speakers for WordCamp Europe 2022 are open! Read this post to learn more about the Organizing Team’s plans for the first in-person WordCamp Europe in three years.
Have a story that we could include in the next ‘Month in WordPress’ post? Let us know by filling out this form.
The first Release Candidate (RC1) for WordPress 5.9 is now available!
Thank you to everyone who has contributed to reach this important milestone in the community’s progress towards a WordPress 5.9 release.
“Release Candidate” means the new version of the software is ready for release. It helps the community check that nothing is missed, given the thousands of plugins and themes and differences in how millions of people use the software.
WordPress 5.9 is slated for release on January 25, 2022. This is just three weeks to go – and there’s still time to help!
Testing the release
You can test the WordPress 5.9 release candidate in three ways:
Option 1: Install and activate the WordPress Beta Testerplugin (select the “Bleeding edge” channel and “Beta/RC Only” stream).
Option 2: Direct download the beta version here (zip).
Option 3: When using WP-CLI to upgrade from Beta 1, 2, 3 or 4 on a case-insensitive filesystem, please use the following command sequence:
Command One:
wp core update --version=5.9-RC1
Command Two:
wp core update --version=5.9-RC1 --force
Your help to test the RC1 is vital: the more testing that happens, the more stable the release, and the better the experience for users and developers—and the entire WordPress community.
Thank you to all of the contributors who tested the Beta releases and gave feedback. Testing for bugs is not just a critical part of polishing every release; it is also a great way to contribute to WordPress.
This will be the first release of 2022 and continues the work towards 5.9 from last year. It features the latest advances of the block editor and is the first version of full site editing in Core.
WordPress 5.9 also brings more refinements to the developer experience. To keep up with the latest updates and discover more about how the community works to continually improve the software, please subscribe to the Make WordPress Core blog. In particular, the developer notes tag will keep you up to date on changes that might affect your products or how you use the software.
Plugin and Theme Developers
Please test your plugins and themes against WordPress 5.9 and update the Tested up to version to 5.9 in your readme file. If you find compatibility problems, please post to the support forums, so volunteers and developers can help you figure them out before the final release.
The WordPress 5.9 Field Guide will be out very shortly. It will give you a deeper dive into the major changes.
If you think you have found a bug, you can post to the Alpha/Beta area in the support forums. If you are comfortable writing a reproducible bug report, you can file one on WordPress Trac, where you can also check the issue against a list of known bugs.
In this series, we share some of the inspiring stories of how WordPress and its global network of contributors can change people’s lives for the better. This month we feature a website builder from Nigeria, who uses the open source WordPress platform to support his family and to share learning with others in his home country and beyond.
Creating a life in the WordPress Ecosystem
Collins Agbonghama started his journey to becoming a web developer by reading the football news headlines on a friend’s mobile phone. His fascination with development and learning continued to grow, and he now makes a living using WordPress and the web.
Read on to discover his story, which shows with creativity and determination you can create products and make a living using WordPress.
Starting web building on a phone
Collins began his exploration of the internet while attending Secondary School in Nigeria, or High School as it is known in some other countries.
A friend at the school had a simple mobile phone which could browse the internet. Collins had his first introduction to the World Wide Web through access to this device. He became hooked by reading headlines on a sports site about a famous English Premier League Football Club, Chelsea, a soccer team which he has long supported.
“Being a very inquisitive person, I wanted to learn how the web works as well as have my own website. I was able to buy a classic mobile phone through the menial jobs I did after school,” he said.
His first website was a wapsite or Wireless Application Protocol site optimized for mobile devices.
He took to Google to learn how to actually build a site. He discovered he needed something called an ‘email address’ to sign-up for site builders. Google Search came to the rescue again, and he created the first email account for his first website.
A desire for a website was the catalyst for further learning, starting with HTML and CSS from an online provider. His interest in building sites with more advanced tools grew, and then he came across WordPress.
Using his savings, he bought the cheapest hosting plan from a local Nigerian web host. He installed WordPress and started writing tutorials for a mobile device platform. He built the site, created the lessons, and started his entry into WordPress all on a mobile phone.
This led to him having the confidence to start building sites for others, and he was able to earn a small income from that.
Collins said: “I couldn’t go to the university because of my precarious financial situation. I continued to do menial jobs during the day and started learning PHP in the evenings and at night using my mobile phone via online learning platforms.”
He was later able to get an old laptop, which helped him access ebooks to learn more and practice his coding.
Keen to share this learning, he started blogging about what he was learning on his website.
Collins said: “I later took up a job teaching children at a school primarily because I got tired of the menial jobs and wanted to earn enough to take care of my internet data plan. After a while, I became fairly proficient in PHP and even took up a job to build a school management system.”
Using WordPress to make a living
Collins’ blog wasn’t making money through advertisements, but he discovered opportunities to write tutorials for other platforms.
“I started writing PHP and WordPress development tutorials and got paid a few hundred dollars per article. In Nigeria, that’s quite a lot of money. I was able to improve the life and wellbeing of my family and myself,” he said.
After getting into a higher education program to study computer science, his life dramatically changed. He decided to stop writing and began to focus on building and selling WordPress plugins. His first one was a user and profile plugin for WordPress sites.
“Thankfully, after a year, it started making enough revenue for me to live pretty comfortably here in Nigeria because the cost of living here is relatively low,” he said
Today, Collins has several plugins which have given him a sustainable source of income. He’s also a Core and Translation volunteer contributor to the WordPress.org Open Source project.
“I am also thankful for the community. I have made lots of friends that have been very supportive and helpful in my journey.”
He added: “I tell people, life won’t give you what you want. You demand from life what you want. You make these demands by being determined and never giving up on your dreams and aspirations.
“If you are poor, perhaps because you came from a humble and poor background, it is not your fault. You can’t go back in time to change things. I implore you to be strong, determined, and work hard.”
Thanks to Michael Geheren (@geheren), Abha Thakor (@webcommsat), for writing this feature, to @MeherBala (@meher) for follow-ups and photo-editing, and to Chloe Bringmann (@cbringmann) and Nalini Thakor (@nalininonstopnewsuk) for the final proofing. Thank you to Collins Agbonghama (@collizo4sky) for sharing his Contributor Story.
Thanks to Josepha Haden Chomphosy (@chanthaboune), Topher DeRosia (@topher1kenobe) and others for their support of this initiative.
The People of WordPress feature is inspired by an essay originally published on HeroPress.com, a community initiative created by Topher DeRosia, which highlights people in the WordPress community who have overcome barriers.
WordPress 5.9 Beta 4 is now available for testing!
This software version is still under development. Please do not run this software on a production site; install it on a test site, where you can try out the newest features and get a feel for how they will work on your site.
You can test the WordPress 5.9 Beta 4 in three ways:
Option 1: Install and activate theWordPress Beta Testerplugin (select the “Bleeding edge” channel and “Beta/RC Only” stream).
Option 2: Direct download the beta version here (zip).
Option 3: When using WP-CLI to upgrade from Beta 1, 2, or 3 to Beta 4 on a case-insensitive filesystem, please use the following command sequence:
Command One:
wp core update --version=5.9-beta4
Command Two:
wp core update --version=5.9-beta4 --force
The current target for the final release of 5.9 is January 25, 2022, which is only five weeks away. Your help testing this beta is vital: the more testing that happens, the more stable the release, and the better the experience for users and developers—and the entire WordPress community.
Some Highlights
Since Beta 3, 20 bugs have been fixed. Here are a few of the changes you will find in Beta 4:
Login and registration: Add a filter to allow to disable the Login screen language dropdown – (#54675).
How You Can Help
Do some testing!
Testing for bugs is vital for polishing the release in the beta stage and a great way to contribute.
Please post to the Alpha/Beta area in the support forums if you find a bug. If you’re comfortable writing a reproducible bug report, file one on WordPress Trac, where you can also find a list of known bugs.
In this last episode of 2021, Josepha Haden Chomphosy takes the time to appreciate those who make the WordPress project a success and offers a carol of thanks.
Have a question you’d like answered? You can submit them to wpbriefing@wordpress.org, either written or as a voice recording.
State of the Word 2021, the annual keynote from WordPress co-founder Matt Mullenweg, happened on December 14. The hybrid event took place in New York City with a small audience (proof of vaccination required). As Matt said, “we had people join by plane, train, and automobile.” Those who didn’t make the trek to the live event watched the livestream from wherever they call home, all around the world.
It was an exciting moment for the WordPress community which also celebrated its first in-person WordCamp in Sevilla, Spain, after a lengthy hiatus for in-person events.
It was thrilling to see so many meetup organizers host watch parties worldwide. Twenty-eight watch parties were held across eleven countries, with more than 300 RSVPs.
Similar to past State of the Word events, Matt covered a broad range of topics. This year was no different. WordPress’ past, present, and future were in the spotlight, with highlights on the growth of the contributors, language translations, recent release milestones, and educational initiatives, to name a few.
Audience members and livestreamers alike viewed product demos showcasing upcoming features that will be the hallmark of WordPress 5.9, such as full site editing, block patterns, global styling options, and enhanced image controls.
Matt took the opportunity to remind everyone of the WordPress roadmap which includes native multi-lingual support and real-time collaborative site editing. He also pointed out that anyone can contribute to WordPress’ progress through a number of different initiatives ranging from creating new features and testing to helping spread the word and educate others.
Matt emphasized the way that open source software gets better by reminding everyone that “The more people that use a program like WordPress, the better it gets.”
Broader topics covering the tech landscape including web3, merger and acquisition activity, as well as the growth and support of open source software, rounded out the energetic presentation.
The one-hour multimedia presentation was followed by an interactive question and answer session where Matt fielded questions that were submitted ahead of the event, as well as questions from the livestream and studio audience.
WordPress 5.9 Beta 3 is now available for testing!
This software version is still under development. Please do not run this software on a production site; install it on a test site, where you can try out the newest features and get a feel for how they will work on your site.
You can test the WordPress 5.9 Beta 3 in three ways:
Option 1: Install and activate theWordPress Beta Testerplugin (select the “Bleeding edge” channel and “Beta/RC Only” stream).
Option 3: If you use WP-CLI to upgrade from Beta 1 or Beta 2 to Beta 3 on a case-insensitive filesystem, please use the following command sequence:
Command One:
wp core update --version=5.9-beta2
Command Two:
wp core update --version=5.9-beta3 --force
The current target for the final release of 5.9 is January 25, 2022, which gets closer every minute. Your help testing this beta is vital: the more testing that happens, the more stable the release, and the better the experience for users and developers—and the entire WordPress community.
Some Highlights
Since Beta 2,14 bugs have been fixed. Here are a few of the changes you will find in Beta 3:
Editor: Add FSE infrastructure from Gutenberg plugin into Core (#54335).
Formatting: Allow PDFs to embedded as objects (#54261)
Testing for bugs is vital for polishing the release in the beta stage and a great way to contribute.
If you think you’ve found a bug, please post to the Alpha/Beta area in the support forums. If you’re comfortable writing a reproducible bug report, file one on WordPress Trac. That’s also where you can find a list of known bugs.
WordPress 5.9 Beta 2 is now available for testing!
This software version is still under development. Please do not run this software on a production site. Instead, install it on a test site, where you can try out the newest features to get a feel for how they will work on your site.
You can test the WordPress 5.9 Beta 2 in three ways:
Option 1: Install and activate the WordPress Beta Testerplugin (select the “Bleeding edge” channel and “Beta/RC Only” stream).
Option 2: Direct download the beta version here (zip).
Option 3: When using WP-CLI to upgrade from Beta 1 to Beta 2 on a case-insensitive filesystem, please use the following command sequence:
Command One:
wp core update --version=5.9-beta1
Command Two:
wp core update --version=5.9-beta2 --force
The current target for the final release of 5.9 is January 25, 2022, which is just seven weeks away. Your help testing this version is a vital part of making this release as good as it can be.
Some Highlights
SinceBeta 1, 24 bugs have been fixed. Here are a few of the changes you will find in Beta 2:
Block Editor: Block template theme error related to child themes (#54515)
General: Fixing existing links to Customizer when the Site Editor is enabled (#54460)
Media: Media library showing only the selected image (#53765)
Media: Fatal error uploading media on PHP8 (#54385)
REST API: Add Global Styles REST API endpoints from Gutenberg into Core (#54336)
Also, note that some users testing 5.9 Beta 1 faced some fatal errors upon upgrade. In turn, these errors revealed the need for some extra work on the filesystem and upgrader. Those fatal errors are no longer a problem, and the enhancements will be part of version 6.0.
How You Can Help
Do some testing!
Testing for bugs is vital for polishing the release in the beta stage and a great way to contribute.
If you think you’ve found a bug, please post to the Alpha/Beta area in the support forums. If you’re comfortable writing a reproducible bug report, file one on WordPress Trac. That’s also where you can find a list of known bugs.
Despite the holiday season being around the corner, the WordPress project didn’t slow down. In a recent episode of WP Briefing, Executive Director Josepha Haden shares the first thing she wants people to notice about WordPress, which is also the heart of this open source project:
Now, the first thing I want people to see on that site is that WordPress has not only 18 years of learned knowledge that every single new user benefits from, but that it also has thousands of really smart people making sure it works and gets better every day.
Josepha Haden, Executive Director of the WordPress project
As always, contributors across various teams are working hard to ensure the upcoming release of WordPress 5.9 doesn’t disappoint. With State of the Word 2021 coming up soon, there are many exciting things in the works. Read the November 2021 edition of the Month in WordPress to learn more about what’s happening.
WordPress 5.9: Expected to release on January 25, 2022
WordPress 5.9 Beta 1 was recently released and is available for testing. This version of the WordPress software is under development. Check out the release post to learn more about what’s new in version 5.9 and how you can help testing.
Check out “A Look at WordPress 5.9” for a first peek into the exciting features included in this major release.
WordPress 5.8.2, a security and maintenance release, was out on November 10, 2021. This release includes two bug fixes and one security fix.
Are you interested in contributing to WordPress core? Join the #core channel, follow the Core Team blog, and check out the team handbook. Also, don’t miss the Core Team’s weekly developer chat on Wednesdays at 8 PM UTC.
Gutenberg releases: 11.9 and 12.0 are out
Two new Gutenberg versions have been released!
Version 11.9.0 brings new Gutenberg blocks for working with post comments, a fullscreen pattern explorer modal, further iterations on the Navigation block, and many other improvements.
Gutenberg 12.0.0, released on November 24, improves the Block Styles preview and includes featured image block visual enhancements, a site Editor welcome guide, official JSON schema updates, and much more.
Host or join a State of the Word watch party to enjoy the event with your WordPress friends. Check Meetup to see if a watch party is scheduled to be held in your local community!
Add the event to your calendar so you don’t miss State of the Word 2021! Want to ask Matt a question during State of the Word? Please send your questions ahead of time to ask-matt@wordcamp.org or ask them live during the event via YouTube chat.
Team updates: Nominations for some team representatives are still underway
Requests 2.0.0 has been released. This release is fully compatible with PHP 8.0 and 8.1, indicating that a legacy codebase can be modernized, made more stable and secure without breaking backward-compatibility. The Requests project is a dependency of WordPress core, which was adopted into the WordPress organization earlier this year.
The Marketing Team welcomes any help to promote WordPress Meetups on a weekly basis and thus keep the community connected.
We want to hear from you! Suggest your 2022 goals for the Global Community Team by December 6, 2021.
Feedback/Testing requests: Test WordPress 5.9 Beta 1; Take the 2021 Annual WordPress Survey to share your experience
WordPress 5.9 Beta 1 is now available for testing and we’d like to hear from you! Testing is vital to ensure the release is as good as it can be—it’s also a great way to contribute. Read the comprehensive guide, “Help test WordPress 5.9 Features,” to learn how to test WordPress 5.9 Beta 1 and report any bugs.
Get excited for WordCamp Sevilla 2021, coming up on December 11-12! Sevilla is the first in-person WordCamp happening in over 18 months, since WordCamps moved online in March 2020 due to COVID-19.
Recent Comments