WordPress News

The first release candidate for WordPress 2.3 is now available. We’ve spent the week since beta 3 fixing bugs and shaping RC1 into release candidate material. If you would like try RC1 and help us get 2.3 ready for its final release on Monday the 24th, download RC1 here and report any bugs you find. […]

Beta 3, the third and final beta for WordPress 2.3, is now available. Many bugs have been fixed since the second beta, and we could use your help finding and fixing more bugs in preparation for the first Release Candidate due next Monday. The standard disclaimer for betas applies. Beta 3 is pre-release software that […]

2.2.3 is a security and bug-fix release for the 2.2 series. Since this is a security release, we suggest you upgrade immediately. Two of the fixes are high priority. On our Trac you can see the bugs closed and the files changed for 2.2.3. To get 2.2.3, please see our download page. As always, upgrade […]

Today we have two security-related releases available for both users of our main 2.2 branch and the legacy 2.0 branch. As these releases include only security and minor bugfixes they should not cause any plugin or theme compatibility issues, so you have no good excuse not to upgrade. On our Trac you can see the […]

WordPress 2.2.1 is now available. 2.2.1 is a bug fix release for the 2.2 series. Since 2.2 was released a month ago, the WordPress community has been improving fit-and-finish by identifying and fixing those little bugs that can be so annoying and by fine-tuning some small details. The result is a nicely polished 2.2.1 release. […]

On behalf of the entire WordPress team, I’m proud and excited to announce the immediate availability of version 2.2 “Getz” for download. This version includes a number of new features, most notably Widgets integration, and over two hundred bug fixes. It’s named in honor of tenor saxophonist Stan Getz. Goodies: WordPress Widgets allow you to […]

We have a security update release now available for both the 2.1 and 2.0 branches of WordPress now available for immediate download. This update is highly recommend for all users of both branches. These releases include fixes for several publicly known minor XSS issues, one major XML-RPC issue, and a proactive full sweep of the […]

Long story short: If you downloaded WordPress 2.1.1 within the past 3-4 days, your files may include a security exploit that was added by a cracker, and you should upgrade all of your files to 2.1.2 immediately.

Longer explanation: This morning we received a note to our security mailing address about unusual and highly exploitable code in WordPress. The issue was investigated, and it appeared that the 2.1.1 download had been modified from its original code. We took the website down immediately to investigate what happened.

We’ve got a new bugfix and security release for both of our actively maintained branches of WordPress. Version 2.1.1 includes about 30 bug fixes, mostly minor things around encoding, XML-RPC, the object cache, and HTML code. It’s available for immediate download on our download page.

Version 2.0.9 only includes the security update, which was around the code we use to prevent XSS. You can download it from our release archive. As a reminder, we’ve committed to proving security updates to 2.0 through 2010, but all new features and development are going into the newer branch, which is at this time 2.1.

This is a low-to-medium priority update recommended for all WordPress users. After the break is a list of changed files.

On behalf of the WordPress.org community of commiters, contributers, and volunteers, I’m very proud to announce the immediate availability of WordPress 2.1 “Ella”, named for jazz vocalist Ella Fitzgerald. Here’s a sampling of what’s in the new version: Autosave makes sure you never lose a post again. Our new tabbed editor allows you to switch […]

Recently a bug in certain versions of PHP came to our attention that could cause a security vulnerability in your blog. We’re able to work around it fairly easily, so we’ve decided to release 2.0.7 to fix the PHP security problem and the Feedburner issue that was in 2.0.6. It is recommended that everyone running […]

We have a pretty important release available for everyone, it includes an important security fix and it’s recommended that everyone upgrade. This is the latest release in our stable 2.0 line, which we’ve committed to maintaining for several more years. Here’s what’s new: The aforementioned security fixes. HTML quicktags now work in Safari browsers. Comments […]