I’m going to have to start using the acronym above because I’m spending more time typing the words “Upgrade Your WordPress” than I should be these days… So, please upgrade your WordPress, both the core software (to 4.2.2) and the Twenty-fifteen theme, which has a specific vulnerability. The new upgrade addressed some security issues and fixed 13 bugs. Thanks everyone!
Update. Again, please. I know I just asked you to update to 4.2 a couple of hours ago, but then this -Â http://www.zdnet.com/article/millions-of-wordpress-sites-vulnerable-to-hijacking-after-zero-day-exploit-released/ – came out and now you need to either turn off all commenting by the public on your sites, or update to 4.2.1. As soon as possible, please.
Nekls upgraded their site to 4.2 (along with a couple of others that I’ve run into over the course of the last few days) and have experienced no problems. We’re recommending that everyone do the upgrade as of right now. The only issue being reported in the WP forums is a failure to be able to update plugins after the upgrade, but that seems to be related to a particular hosting setup and was not an issue when I tried updating a plugin on a 4.2 site this morning. Happy updating!!
One of the new features is “smoother plugin updating” and from the one plugin I’ve updated since getting 4.2, that seems to be true – a single click on the “update now” link in the plugins page and it was done. To be honest, it was so quick it startled me…
Other features of the WP 4.2 upgrade include:
- easier ways to share content with Press This button
- switching themes in the customizer is now easy
- embedding media is easier
- foreign character support is extended (if you want to post in Japanese or Russian, you can!)
As always, please contact Robin or Ryan if you have questions about the WP update!
Please go check your WordPress sites – there is a pretty major vulnerability that has been found (and patched) as of this morning. It affects a BUNCH of plugins, many that are in common use in our system. The plugins affected are listed atÂ https://blog.sucuri.net/2015/04/security-advisory-xss-vulnerability-affecting-multiple-wordpress-plugins.html, but everyone should go update their plugins as soon as possible, whether you have one of the affected ones or not.