Summary: A web host had a crappy server configuration that allowed people on the same box to read each others’ configuration files, and some members of the “security” press have tried to turn this into a “WordPress vulnerability” story. WordPress, like all other web applications, must store database connection info in clear text. Encrypting credentials [...]
I want to make you mine, all the time… oh wait. Hello. I’m here on behalf of the entire WordPress development team and community to announce the immediate availability of WordPress version 2.9 “Carmen” named in honor of magical jazz vocalist Carmen McRae (whom we’ve added to our Last.fm WP release station). You can upgrade [...]
We’re at that exciting point in WordPress development where the dev team feels like version 2.9 is complete and ready for the world.
If you’ve been waiting for your moment to pitch in, it’s now. First we need tech savvy testers to upgrade their blogs and kick the tires, make sure everything is rolling like you [...]
I was very excited last week to learn that WordPress has been awarded the Overall Best Open Source CMS Award in the 2009 Open Source CMS Awards. This is a landmark for us, as it is the first time we’ve won this award, and it marks a shift in the public perception of WordPress, from [...]
A stitch in time saves nine. I couldn’t sew my way out of a bag, but it’s true advice for bloggers as well — a little bit of work on an upgrade now saves a lot of work fixing something later.
Right now there is a worm making its way around old, unpatched versions of WordPress. [...]
Yesterday a vulnerability was discovered: a specially crafted URL could be requested that would allow an attacker to bypass a security check to verify a user requested a password reset. As a result, the first account without a key in the database (usually the admin account) would have its password reset and a new password [...]
If WordPress were a country, our Bill of Rights would be the GPL because it protects our core freedoms. We’ve always done our best to keep WordPress.org clean and only promote things that are completely compatible and legal with WordPress’s license. There have been some questions in the community about whether the GPL applies to [...]
I’m very excited to announce to everyone that the latest and greatest version of WordPress, version 2.8 “Baker,” is immediately available for download. 2.8 represents a nice fit and finish release for WordPress with improvements to themes, widgets, taxonomies, and overall speed. We also fixed over 790 bugs. This release is named in honor of [...]
What if there was software with the elegance and extensibility of WordPress but all the features you’ve come to expect from social networks like Facebook? Now there is: check out BuddyPress.
BuddyPress is an official sister project of WordPress. The idea behind it was to see what would happen to the web if it was as [...]
WordPress by itself is very simple — what makes it compelling for most of its users is the wide array of plugins (and themes) available for WP. The average WordPress blog has about 5 plugins installed! Today we just passed 4,000 plugins available in our plugin directory. (Which is also embedded into everyone’s WordPress 2.7 [...]