Category: WordPress

WordPress 2.8.3

WordPress 2.8.3 has been released and similar to WordPress 2.8.2, this is a security fix.

Unfortunately, I missed some places when fixing the privilege escalation issues for 2.8.1. Luckily, the entire WordPress community has our backs. Several folks in the community dug deeper and discovered areas that were overlooked. With their help, the remaining issues are fixed in 2.8.3. Since this is a security release, upgrading is highly recommended

Changelog: WordPress 2.8.3
Download: WordPress 2.8.3
Download: Modified files since WordPress 2.8.2

1 Star2 Stars3 Stars4 Stars5 Stars (291 votes, average: 3.72 out of 5)

WordPress 2.8.2

WordPress 2.8.2 has just been release.

WordPress 2.8.2 fixes an XSS vulnerability. Comment author URLs were not fully sanitized when displayed in the admin. This could be exploited to redirect you away from the admin to another site.

Changelog: WordPress 2.8.2
Download: WordPress 2.8.2
Download: Modified files since WordPress 2.8.1

1 Star2 Stars3 Stars4 Stars5 Stars (274 votes, average: 3.73 out of 5)

WordPress 2.8.1

WordPress 2.8.1 has been released.

WordPress 2.8.1 fixes many bugs and tightens security for plugin administration pages. Core Security Technologies notified us that admin pages added by certain plugins could be viewed by unprivileged users, resulting in information being leaked. Not all plugins are vulnerable to this problem, but we advise upgrading to 2.8.1 to be safe.

Some of the fixes:

  • Certain themes were calling get_categories() in such a way that it would fail in 2.8. 2.8.1 works around this so these themes won’t have to change.
  • Dashboard memory usage is reduced. Some people were running out of memory when loading the dashboard, resulting in an incomplete page.
  • The automatic upgrade no longer accidentally deletes files when cleaning up from a failed upgrade.
  • A problem where the rich text editor wasn’t being loaded due to compression issues has been worked around.
  • Extra security has been put in place to better protect you from plugins that do not do explicit permission checks.
  • Translation of role names fixed.
  • wp_page_menu() defaults to sorting by the user specified menu order rather than the page title.
  • Upload error messages are now correctly reported.
  • Autosave error experienced by some IE users is fixed.
  • Styling glitch in the plugin editor fixed.
  • SSH2 filesystem requirements updated.
  • Switched back to curl as the default transport.
  • Updated the translation library to avoid a problem with mbstring.func_overload.
  • Stricter inline style sanitization.
  • Stricter menu security.
  • Disabled code highlighting due to browser incompatibilities.
  • RTL layout fixes.

Full Changelog in WordPress 2.8.1

Download: WordPress 2.8.1

1 Star2 Stars3 Stars4 Stars5 Stars (191 votes, average: 3.87 out of 5)

WordPress 2.8 Released

WordPress 2.8 has been released!

Here is the quote from Matt:

I’m very excited to announce to everyone that the latest and greatest version of WordPress, version 2.8 “Baker,” is immediately available for download. 2.8 represents a nice fit and finish release for WordPress with improvements to themes, widgets, taxonomies, and overall speed. We also fixed over 790 bugs. This release is named in honor of noted trumpeter and vocalist Chet Baker.

Major New Improvements
First and foremost, 2.8 is way faster to use. We’ve changed the way WordPress does style and scripting.

The core and plugin updaters in previous versions of WordPress have been such a success we decided to bring the same to themes. You can now browse the entire theme directory and install a theme with one click from the comfort of your WordPress dashboard.

If you make edits or tweaks to themes or plugins from your dashboard, you’ll appreciate the new CodePress editor which gives syntax highlighting to the previously-plain editor. Also there is now contextual documentation for the functions in the file you’re editing linked right below the editor.

If you were ever frustrated with widgets before, this release should be your savior. We’ve completely redesigned the widgets interface (which we didn’t have time to in 2.7) to allow you to do things like edit widgets on the fly, have multiple copies of the same widget, drag and drop widgets between sidebars, and save inactive widgets so you don’t lose all their settings. Developers now have access to a much cleaner and robust API for creating widgets as well.

Finally you should explore the new Screen Options on every page. It’s the tab in the top right. Now, for example, if you have a wide monitor you could set up your dashboard to have four columns of widgets instead of the two it has by default. On other pages you can change how many items show per page.

Download: WordPress 2.8

View: WordPress 2.8 Changelog

1 Star2 Stars3 Stars4 Stars5 Stars (78 votes, average: 3.82 out of 5)