ThemeLab » WordPress News http://www.themelab.com We build High Quality, Good Looking Premium WordPress Themes that are Easy to Use and ready for just about anything. Thu, 10 Apr 2014 12:33:43 +0000 en-US hourly 1 http://wordpress.org/?v=3.8.3 WordPress 3.0 Released http://www.themelab.com/wordpress-3-0-released/ http://www.themelab.com/wordpress-3-0-released/#comments Wed, 30 Nov -0001 00:00:00 +0000 http://www.themelab.com/?p=2187 It was just announced today that WordPress 3.0 has been released and you can get it here. This is considered a pretty big release with many new features and bug fixes, I’ll list some notable ones below: A merge of WordPress MU and WordPress, making it possible to run multiple sites from one installation. New

The post WordPress 3.0 Released appeared first on ThemeLab.

]]>
It was just announced today that WordPress 3.0 has been released and you can get it here. This is considered a pretty big release with many new features and bug fixes, I’ll list some notable ones below:

  • A merge of WordPress MU and WordPress, making it possible to run multiple sites from one installation.
  • New features for theme developers including new APIs to have custom backgrounds, headers, menus, and more.
  • New custom post type and taxonomy features for posting new and different kinds of content (besides posts, pages, etc.).
  • A new default theme called Twenty Ten, which shows off all this new functionality. Say bye bye to Kubrick!

Watch the video below for more information:

If you’re upgrading, remember to backup your site. Also remember your themes probably won’t break but if they do, you can at least revert back to your backup and figure out what the problem is.

Have you upgraded to WordPress 3.0? I’d be interested in hearing your experience in the comments.

The post WordPress 3.0 Released appeared first on ThemeLab.

]]>
http://www.themelab.com/wordpress-3-0-released/feed/ 4
WordPress 2.9 “Carmen” Released http://www.themelab.com/wordpress-2-9-carmen-released/ http://www.themelab.com/wordpress-2-9-carmen-released/#comments Wed, 30 Nov -0001 00:00:00 +0000 http://www.themelab.com/?p=1273 It was announced recently that WordPress 2.9 has been released. There are a few cool new features, which I’ll list below: Built-in image editing – This feature allows you to do basic image editing to your uploads, including cropping, resizing, rotating, among other things. Easier embedded content – Using the oEmbed standard, embedding content can

The post WordPress 2.9 “Carmen” Released appeared first on ThemeLab.

]]>
It was announced recently that WordPress 2.9 has been released. There are a few cool new features, which I’ll list below:

  • Built-in image editing – This feature allows you to do basic image editing to your uploads, including cropping, resizing, rotating, among other things.
  • Easier embedded content – Using the oEmbed standard, embedding content can now be as simple as pasting a URL. Support for YouTube, DailyMotion, Flickr, WordPress.tv, among many others.
  • Global trash feature – The Delete button is now replaced with a Trash button, giving you a second chance to recover posts or comments you would have otherwise deleted by accident.
  • Bulk plugin upgrade – Now you’re able to bulk upgrade plugins automatically, instead of upgrading one by one. On top of that, it now takes advantage of the community-powered plugin compatibility data from the plugin directory.

The video below covers these features in more detail.

I’ve upgraded a few of my sites to 2.9 with no issues. Regardless, make sure you backup your site beforehand. If for some reason automatic upgrade doesn’t work, you can still upgrade manually.

Has anyone else tried WordPress 2.9? Let me know what you think in the comments.

The post WordPress 2.9 “Carmen” Released appeared first on ThemeLab.

]]>
http://www.themelab.com/wordpress-2-9-carmen-released/feed/ 13
WordPress 2.8.6 Released http://www.themelab.com/wordpress-2-8-6-released/ http://www.themelab.com/wordpress-2-8-6-released/#comments Wed, 30 Nov -0001 00:00:00 +0000 http://www.themelab.com/?p=1088 In case you didn’t notice the message on top of your WordPress dashboard, WordPress 2.8.6 is now available. The release fixes two security problems that can be exploited by registered and logged in users with posting privileges. Basically if you have untrusted users on your blog with a user level of “Author” or above, upgrading

The post WordPress 2.8.6 Released appeared first on ThemeLab.

]]>
In case you didn’t notice the message on top of your WordPress dashboard, WordPress 2.8.6 is now available. The release fixes two security problems that can be exploited by registered and logged in users with posting privileges.

Basically if you have untrusted users on your blog with a user level of “Author” or above, upgrading is highly recommended.

I’m sure you know the drill by now, make sure you backup before you upgrade. I haven’t heard of any upgrade issues with this release so it should be relatively painless.

The post WordPress 2.8.6 Released appeared first on ThemeLab.

]]>
http://www.themelab.com/wordpress-2-8-6-released/feed/ 3
WordPress 2.8.5 Released http://www.themelab.com/wordpress-2-8-5-released/ http://www.themelab.com/wordpress-2-8-5-released/#comments Wed, 30 Nov -0001 00:00:00 +0000 http://www.themelab.com/?p=1050 It was just announced yesterday that WordPress 2.8.5 has been released, which is considered a “security hardening” release. Here are some of the updates and fixes: A fix for the Trackback Denial-of-Service attack that is currently being seen. Removal of areas within the code where PHP code in variables was evaluated. Switched the file upload

The post WordPress 2.8.5 Released appeared first on ThemeLab.

]]>
It was just announced yesterday that WordPress 2.8.5 has been released, which is considered a “security hardening” release. Here are some of the updates and fixes:

  • A fix for the Trackback Denial-of-Service attack that is currently being seen.
  • Removal of areas within the code where PHP code in variables was evaluated.
  • Switched the file upload functionality to be whitelisted for all users including admins.
  • Retiring of the two importers of tag data from old plugins.

If you’re wondering what the difference between a “hardening release” and a “security release” is, I don’t think there is any. The only difference to me seems that people don’t seem to complain as much about hardening releases as they do security releases.

Anyway, I’m sure you know the drill by now. Make sure you take a backup beforehand (which you should be doing regularly anyway, and use the automatic upgrader or upgrade manually if necessary.

I just upgraded to 2.8.5 yesterday with the automatic upgrader and everything seems to be running smoothly.

The post WordPress 2.8.5 Released appeared first on ThemeLab.

]]>
http://www.themelab.com/wordpress-2-8-5-released/feed/ 4
Security Alert – Upgrade to WordPress 2.8.4 Now http://www.themelab.com/security-alert-upgrade-to-wordpress-2-8-4-now/ http://www.themelab.com/security-alert-upgrade-to-wordpress-2-8-4-now/#comments Wed, 30 Nov -0001 00:00:00 +0000 http://www.themelab.com/?p=931 There is a security exploit going around, and it could affect anyone not using the most up-to-date version of WordPress at the moment, which is WordPress 2.8.4. Lorelle has a good writeup on how old WordPress versions are under attack. To summarize, here’s what to look out for if you think your WordPress site may

The post Security Alert – Upgrade to WordPress 2.8.4 Now appeared first on ThemeLab.

]]>
There is a security exploit going around, and it could affect anyone not using the most up-to-date version of WordPress at the moment, which is WordPress 2.8.4. Lorelle has a good writeup on how old WordPress versions are under attack. To summarize, here’s what to look out for if you think your WordPress site may have been compromised.

  • Unusual additions to your WordPress permalink structure. If you see anything like “eval” and/or “base64_decode” in your URLs, you’ve already been hit.
  • This is a real kicker: a hidden admin account. That’s right, the exploit can let the attacker set up a hidden admin account that may not even be displayed in your user list.

This post offers some solutions if you have already been hacked. Remove the extra permalink code in Settings → Permalinks, remove the extra admin account, and (obviously) upgrade to the latest version of WordPress.

Has anyone been affected by this exploit? I’m happy to say out of all of my WordPress sites, I haven’t been hit, although I have still upgraded all of my WordPress installations to the latest version, including Theme Lab, and I highly recommend you do the same (as long as you backup first). Just another reason to keep your WordPress version up-to-date.

The post Security Alert – Upgrade to WordPress 2.8.4 Now appeared first on ThemeLab.

]]>
http://www.themelab.com/security-alert-upgrade-to-wordpress-2-8-4-now/feed/ 13
WordPress 2.8.4 Released http://www.themelab.com/wordpress-284-released/ http://www.themelab.com/wordpress-284-released/#comments Wed, 30 Nov -0001 00:00:00 +0000 http://www.themelab.com/?p=894 As predicted, WordPress 2.8.4 has been released. No surprise here, after news about the admin password reset “exploit” issue surfaced yesterday. Yeah, there’s some arguments over whether it’s a security issue or not, but it can be pretty annoying if you get hit by it. It’s highly recommended you upgrade immediately. This is a pretty

The post WordPress 2.8.4 Released appeared first on ThemeLab.

]]>
As predicted, WordPress 2.8.4 has been released. No surprise here, after news about the admin password reset “exploit” issue surfaced yesterday. Yeah, there’s some arguments over whether it’s a security issue or not, but it can be pretty annoying if you get hit by it.

It’s highly recommended you upgrade immediately. This is a pretty minor upgrade as it’s supposed to only fix the one bug. Anyone know the record of most point releases on a single branch?

By the way, if you ever come across an undiscovered WordPress security issue, make sure you know the correct way to report it. Blabbing about how you used it on sites you don’t own/administer under the guise of “proof-of-concept” is not the correct way,.

The post WordPress 2.8.4 Released appeared first on ThemeLab.

]]>
http://www.themelab.com/wordpress-284-released/feed/ 3
WordPress 2.8.3 Released http://www.themelab.com/wordpress-283-released/ http://www.themelab.com/wordpress-283-released/#comments Wed, 30 Nov -0001 00:00:00 +0000 http://www.themelab.com/?p=869 WordPress 2.8.3 was just released, just a couple weeks after the last one. This is a security update, so it’s highly recommended you upgrade immediately. What exactly is fixed? According to Ryan Boren, some things that were supposed to be fixed in 2.8.2, as he “missed some places when fixing the privilege escalation issues.” No

The post WordPress 2.8.3 Released appeared first on ThemeLab.

]]>
WordPress 2.8.3 was just released, just a couple weeks after the last one. This is a security update, so it’s highly recommended you upgrade immediately.

What exactly is fixed? According to Ryan Boren, some things that were supposed to be fixed in 2.8.2, as he “missed some places when fixing the privilege escalation issues.”

No worries Ryan, we’re all human. This is open source at its best, as several community members saw these overlooked areas and contributed to the fix. As always, make a WordPress backup before upgrading.

P.S. I left a message on Twitter a few hours ago about the winning Slick Red theme from last week’s theme battle. Make sure to check this page periodcally to check the Slick Red coding in progress.

The post WordPress 2.8.3 Released appeared first on ThemeLab.

]]>
http://www.themelab.com/wordpress-283-released/feed/ 1
WordPress 2.8.2 Released http://www.themelab.com/wordpress-282-released/ http://www.themelab.com/wordpress-282-released/#comments Wed, 30 Nov -0001 00:00:00 +0000 http://www.themelab.com/?p=859 The release of WordPress 2.8.2 has been announced. This was a relatively unexpected release, however it fixes a cross site scripting (XSS) vulnerability due to comment author URLs not being fully sanitized. This could then cause you to be directed to another site from your admin panel. I’ve been reading on Twitter that people haven’t

The post WordPress 2.8.2 Released appeared first on ThemeLab.

]]>
The release of WordPress 2.8.2 has been announced. This was a relatively unexpected release, however it fixes a cross site scripting (XSS) vulnerability due to comment author URLs not being fully sanitized. This could then cause you to be directed to another site from your admin panel.

I’ve been reading on Twitter that people haven’t had any problems upgrading, it looks to be a pretty simple fix. Just to be on the safe side, I’d recommend you take a backup before upgrading.

The post WordPress 2.8.2 Released appeared first on ThemeLab.

]]>
http://www.themelab.com/wordpress-282-released/feed/ 1
WordPress 2.8.1 Released http://www.themelab.com/wordpress-281-released/ http://www.themelab.com/wordpress-281-released/#comments Wed, 30 Nov -0001 00:00:00 +0000 http://www.themelab.com/?p=851 For all you people who like to wait for the first point release to upgrade, now is the time. WordPress 2.8.1 fixes a number of bugs. Some of the more glaring fixes I noticed are listed below: Certain themes were calling get_categories() in such a way that it would fail in 2.8. 2.8.1 works around

The post WordPress 2.8.1 Released appeared first on ThemeLab.

]]>
For all you people who like to wait for the first point release to upgrade, now is the time. WordPress 2.8.1 fixes a number of bugs. Some of the more glaring fixes I noticed are listed below:

  • Certain themes were calling get_categories() in such a way that it would fail in 2.8. 2.8.1 works around this so these themes won’t have to change.
  • Disabled code highlighting due to browser incompatibilities.

The first seemed to effect a number of mostly commercial themes which used the get_categories() function in their theme options pages. Despite the initial dismissal of this apparent bug, it is now resolved thanks to the swift action of WordPress developers.

Even though we already know how to disable code highlighting, having it disabled in 2.8.1 means you won’t have to deal with it at all, which is fine by me. Seems that feature turned out to be a dud.

Have you upgraded to WordPress 2.8.1 yet? Any thoughts, problems, concerns? Let me know in the comments.

The post WordPress 2.8.1 Released appeared first on ThemeLab.

]]>
http://www.themelab.com/wordpress-281-released/feed/ 4
WordPress 2.8 “Baker” Released http://www.themelab.com/wordpress-28-baker-released/ http://www.themelab.com/wordpress-28-baker-released/#comments Wed, 30 Nov -0001 00:00:00 +0000 http://www.themelab.com/?p=804 It was announced late yesterday night that WordPress 2.8 had been released. There have been improvements made to themes, widgets, and taxonomies. There were also over 790 bugs fixed. The WordPress team also released a video tour of WordPress 2.8, where they go over things like the new widget admin area, as well as syntax

The post WordPress 2.8 “Baker” Released appeared first on ThemeLab.

]]>
It was announced late yesterday night that WordPress 2.8 had been released. There have been improvements made to themes, widgets, and taxonomies. There were also over 790 bugs fixed.

The WordPress team also released a video tour of WordPress 2.8, where they go over things like the new widget admin area, as well as syntax highlighting in the theme and plugin editors (which I mentioned previously).

I’ll be upgrading the demo server to 2.8 later today to check if there are any bugs with the free WordPress themes, although I’m not expecting anything major.

Have you upgraded to 2.8 yet? How do you like it?

The post WordPress 2.8 “Baker” Released appeared first on ThemeLab.

]]>
http://www.themelab.com/wordpress-28-baker-released/feed/ 8