Mobile App Refresh Campaign [Banner] 2024

The Month in WordPress: April 2015

Written by Hugh Lashbrooke on May 5, 2015 Blog.

April has been a particularly busy month in the community — we’ve got a new WordPress release, a whole lot of security concerns and some interesting business developments.

WordPress 4.2 & 4.2.1

After a series of beta releases and four release candidates, WordPress 4.2 was released a day later than originally slated. Within 24 hours of release, v4.2.1 was also released to fix a potential cross-site scripting (XSS) vulnerability – this was pushed out as an automatic update and the same fix was applied to the 4.0 and 4.1 branches so older versions were also patched at the same time.

Security concerns

The XSS vulnerability that was patched in v4.2.1 was the last in a series of security concerns that have affected WordPress recently. Some of these concerns were isolated to specific plugins, but this one was essentially the result of poor documentation affected a thousands of plugins in the WordPress repository and resulted in a coordinated effort by plugin developers to patch as many of them as possible. You can read more about the issue and how to fix it in your plugins here.

It’s worth noting that this was not due to a bug — instead it was due to the fact that the WordPress core documentation did not adequately describe how certain functions work. This serves to highlight that not only is the WordPress code base open-source, but so is the documentation, and it is up to every user to make sure that the resources available to the community are kept up to date and relevant as much as possible.

Elto joins GoDaddy

Elto (formerly known as Tweaky) has joined GoDaddy to enhance their efforts to create a global WordPress marketplace that can serve businesses of all sizes. Aside from being a significant boost to Elto’s footprint, this move also helps to solidify GoDaddy’s presence in the WordPress community.

WordPress 4.3 & 4.4 release leads

At the beginning of the month (before WordPress 4.2 was released), the individuals who would be leading the next two releases of WordPress (v4.3 and v4.4) were announced. While release leads have been rotating since v3.5, this is the first time that they have been announced so far in advance, which, amongst other things, allows for these releases to be more smoothly planned and to work more effectively in unison.

The release lead for WordPress 4.3 is Konstantin Obenland and for 4.4 it is Scott Taylor, both of whom have been actively involved in the project for many years and are easily recognizable for their huge contributions so far.

WordPress 4.3 development

Shortly after the release of WordPress 4.2, Konstantin Obenland started the 4.3 development cycle with a kickoff post as well as the project schedule. This release is going to have a strong focus on the admin UI as well as the mobile experience of WordPress, but if there’s a particular ticket that you would like to see included in this release, you can add it to this post.

Further reading

There was a lot more news this month that is worthwhile taking note of. Have a look at a few of the links below for some interesting stories and updates:

That’s it for April. You can follow the WordPress community news more closely on the WordPress Make blogs as well as by joining the community Slack channel.