Version 4.1 of WordPress, named “Dinah” in honor of jazz singer Dinah Washington, is available for download or update in your WordPress dashboard. New features in WordPress 4.1 help you focus on your writing, and the new default theme lets you show it off in style.Introducing Twenty Fifteen Our newest default theme, Twenty Fifteen, is a blog-focused theme designed for clarity.
Twenty Fifteen has flawless language support, with help from Google’s Noto font family.
The straightforward typography is readable on any screen size.
Your content always takes center stage, whether viewed on a phone, tablet, laptop, or desktop computer.Distraction-free writing Just write.
Sometimes, you just need to concentrate on putting your thoughts into words. Try turning on distraction-free writing mode. When you start typing, all the distractions will fade away, letting you focus solely on your writing. All your editing tools instantly return when you need them.The Finer Points Choose a language
Right now, WordPress 4.1 is already translated into over forty languages, with more always in progress. You can switch to any translation on the General Settings screen.Log out everywhere
If you’ve ever worried you forgot to sign out from a shared computer, you can now go to your profile and log out everywhere.Vine embeds
Embedding videos from Vine is as simple as pasting a URL onto its own line in a post. See the full list of supported embeds.Plugin recommendations
The plugin installer suggests plugins for you to try. Recommendations are based on the plugins you and other users have installed.Under the Hood Complex Queries
Metadata, date, and term queries now support advanced conditional logic, like nested clauses and multiple operators — A AND ( B OR C ).Customizer API
The customizer now supports conditionally showing panels and sections based on the page being previewed.<title> tags in themes
add_theme_support( 'title-tag' ) tells WordPress to handle the complexities of document titles.Developer Reference
Continued improvements to inline code documentation have made the developer reference more complete than ever.The Choir
This release was led by John Blackbourn, with the help of these awesome folks. Check out some of their profiles while listening to Dinah Washington on the music service of your choice:Aaron D. Campbell, Aaron Jorbin, Adam Silverstein, akumria, Alex Concha, Alex Mills (Viper007Bond), Alex Shiels, Allan Collins, Amaury Balmer, Amruta Bhosale, Andrea Fercia, Andrea Gandino, Andrew Munro (sumobi), Andrew Nacin, Andrew Ozz, Andrew Ryno, Andrey "Rarst" Savchenko, Ankit Gade, Ankit K Gupta, antpb, arippberger, Austin Matzko, Bainternet, Barry Kooij, Ben Dunkle, Ben May, Bernhard Riedl, birgire, bobbingwide, Boone B. Gorges, Brady Vercher, Bram Duvigneau, Brandon Kraft, Brian DiChiara, Brian Richards, Brian Watson, Camden Segal, Captain Theme, Carlos Zuniga, Caspie, ccprice, Charles Fulton, ChriCo, Chris Aprea, Chris Jean, Chris Marslender, Chris Reynolds, chriscct7, chrisl27, Christian Foellmann, Christopher Finke, Corey Snow, Corphi, curtjen, Damon Cook, Dan Cameron, Daniel Bachhuber, Daniel Convissor, Darren Ethier (nerrad), Daryl Koopersmith, Dave McHale, David A. Kennedy, David Herrera, David Laietta, David Wood, DavidTheMachine, dcavins, Dennis Ploetner, Dion Hulse, Dirk Weise, Dominik Schilling, Dominik Schwind, Drew Jaynes, Dustin Filippini, DustinHartzler, Elio Rivero, Eric Binnion, Eric Holmes, Eric Lewis, Fabien Quatravaux, florianziegler, Gabe Shackle, Gary Cao, Gary Pendergast, Gennady Kovshenin, George Olaru, George Stephanis, Greg Rickaby, Gregory Cornelius, Gregory Karpinsky (@tivnet), Gustavo Bordoni, hardy101, hauvong, Helen Hou-Sandí, heshiming, honeysilvas, hugodelgado, Ian Stewart, ianmjones, Ignacio Cruz Moreno, imath, Ipstenu (Mika Epstein), Ivan Kristianto, J.D. Grimes, jaimieolmstead, jakub.tyrcha, janhenckens, Janneke Van Dorpe, Japh, Jared Wenerd, jarednova, jeanyoungkim, Jeff Farthing, Jeff Stieler, Jeremy Felt, Jeremy Herve, Jesin A, Jesper Johansen (jayjdk), Jesper van Engelen, Jesse Pollak, jipmoors, Joe Dolson, Joe McGill, John Eckman, johnrom, johnstonphilip, Jon Brown, Jon Cave, Jonathan Brinley, Jonathan Desrosiers, Joost de Valk, Jordi Cabot, Joshua Abenazer, JOTAKI Taisuke, jrf, julien731, Justin Sainton, Justin Sternberg, K.Adam White, Kailey (trepmal), Kaito, kamelkev, karpstrucking, keesiemeijer, Kelly Dwan, Kevin Langley, Kiko Doran, Kim Parsell, Kirk Wight, kitchin, Knut Sparhell, Konstantin Kovshenin, Konstantin Obenland, Kostas Vrouvas, kraftner, kristastevens, Kurt Payne, Lance Willett, Laurens Offereins, linuxologos, Liuiza Arunas, loushou, Lutz Schroer, Manoz69, mantismamita, marco, Mario Peshev, Marius (Clorith), Mark Hudnall, Mark Jaquith, Mark Senff, Marko Heijnen, marsjaninzmarsa, Matias Ventura, Matt Mullenweg, Matt Wiebe, Matthew Boynes, Matthew Haines-Young, mattkeys, Mel Choyce, Mert Yazicioglu, Michael Adams (mdawaffe), Michael Arestad, Michael Beckwith, Michael Cain, Michael Pick, michalzuber, Michelle Langston, Miguel Fonseca, Mike Hansen, Mike Jolley, Mike Nelson, Mike Schroder, Mikey Arce, Mitch Canter (studionashvegas), mlteal, Morgan Estes, Morten Rand-Hendriksen, mvd7793, Nashwan Doaqan, Niall Kennedy, Nick Halsey, Nikhil Vimal (NikV), Nikola Nikolov, nobleclem, noplanman, Nowell VanHoesen, OriginalEXE, p_enrique, Paul, Paul de Wouters, Paul Schreiber, Paul Wilde, pavelevap, Peter Chester, Peter J. Herrel, Peter Westwood, Peter Wilson, Philip Arthur Moore, phpmypython, Pippin Williamson, Prasath Nadarajah, psycleuk, Ptah Dunbar, quietnic, Rachel Baker, Rami Yushuvaev, ramiabraham, Reuben Gunday, Rian Rietveld, Richard Archambault, Ricky Lee Whittemore, Robert Chapin, Rodrigo Primo, Ryan Boren, Ryan Kienstra, Ryan McCue, Sakin Shrestha, Sam Hotchkiss, Samuel Wood (Otto), Scott Kingsley Clark, Scott Reilly, Scott Taylor, Sergey Biryukov, Shawn Hooper, Simon Wheatley, simonp303, skaeser, Slobodan Manic, socki03, solarissmoke, Stephane Daury, Stephen Edgar, Stephen Harris, Steve Grunwell, Sumit Singh, TacoVerdo, Takashi Irie, Takayuki Miyauchi, Tammie, Tareq Hasan, Taylor Lovett, Thorsten Frommen, Till, tmtrademark, Tobias Schutter, TobiasBg, Tom J Nowell, Tomas Mackevicius, TomHarrigan, Topher, Torsten Landsiedel, Tracy Levesque, transom, Travis Smith, tywayne, Udit Desai, Umesh Kumar, Vinod Dalvi, vlajos, voldemortensen, Weston Ruter, Yoav Farhi, Yuta Sekine, Zack Rothauser, and Zack Tollman.
There were 283 contributors to this release, again a new high.
Thanks for choosing WordPress. Happy holidays and see you next year for version 4.2!
The next release candidate for WordPress 4.1 is now available for testing.
To test, try the WordPress Beta Tester plugin (you’ll want “bleeding edge nightlies”). Or you can download the release candidate here (zip). If you’d like to learn more about what’s new in WordPress 4.1, visit the updated About screen in your dashboard ( → About in the toolbar) and also check out the Beta 1 post.
Plugin authors: Remember to test your plugins against 4.1, and if they’re compatible, make sure they are marked as tested up to 4.1. Be sure to follow along the core development blog; we’ve been posting notes for developers for 4.1 as always.
The release candidate for WordPress 4.1 is now available.
We’ve made a lot of refinements over the last few weeks. RC means we think we’re done, but with millions of users and thousands of plugins and themes, it’s possible we’ve missed something. We hope to ship WordPress 4.1 on Tuesday, December 16, but we need your help to get there. If you haven’t tested 4.1 yet, now is the time! (Please though, not on your live site unless you’re adventurous.)
To test WordPress 4.1 RC1, you can use the WordPress Beta Tester plugin or you can download the release candidate here (zip). If you’d like to learn more about what’s new in WordPress 4.1, visit the About screen in your dashboard ( → About in the toolbar) or check out the beta announcement.
Developers, please test your plugins and themes against WordPress 4.1 and update your plugin’s Tested up to version in the readme to 4.1 before next week. If you find compatibility problems, we never want to break things, so please be sure to post to the support forums so we can figure those out before the final release.
Be sure to follow along the core development blog, where we’ll continue to post notes for developers for 4.1. (For example: if you’ve written a child theme for Twenty Fifteen, some of the new pagination functions have been renamed for clarity.)
Testing four point one
Why are we up at this hour?
Code is poetry
WordPress 4.0.1 is now available. This is a critical security release for all previous versions and we strongly encourage you to update your sites immediately.
Sites that support automatic background updates will be updated to WordPress 4.0.1 within the next few hours. If you are still on WordPress 3.9.2, 3.8.4, or 3.7.4, you will be updated to 3.9.3, 3.8.5, or 3.7.5 to keep everything secure. (We don’t support older versions, so please update to 4.0.1 for the latest and greatest.)
WordPress versions 3.9.2 and earlier are affected by a critical cross-site scripting vulnerability, which could enable anonymous users to compromise a site. This was reported by Jouko Pynnonen. This issue does not affect version 4.0, but version 4.0.1 does address these eight security issues:
- Three cross-site scripting issues that a contributor or author could use to compromise a site. Discovered by Jon Cave, Robert Chapin, and John Blackbourn of the WordPress security team.
- A cross-site request forgery that could be used to trick a user into changing their password.
- An issue that could lead to a denial of service when passwords are checked. Reported by Javier Nieto Arevalo and Andres Rojas Guerrero.
- Additional protections for server-side request forgery attacks when WordPress makes HTTP requests. Reported by Ben Bidner (vortfu).
- An extremely unlikely hash collision could allow a user’s account to be compromised, that also required that they haven’t logged in since 2008 (I wish I were kidding). Reported by David Anderson.
- WordPress now invalidates the links in a password reset email if the user remembers their password, logs in, and changes their email address. Reported separately by Momen Bassel, Tanoy Bose, and Bojan Slavković of ManageWP.
Version 4.0.1 also fixes 23 bugs with 4.0, and we’ve made two hardening changes, including better validation of EXIF data we are extracting from uploaded photos. Reported by Chris Andrè Dale.
Download WordPress 4.0.1 or venture over to Dashboard → Updates and simply click “Update Now”.
Welcome, everyone, to WordPress 4.1 Beta 1!
This software is still in development, so we don’t recommend you run it on a production site. Consider setting up a test site just to play with the new version. To test WordPress 4.1, try the WordPress Beta Tester plugin (you’ll want “bleeding edge nightlies”). Or you can download the beta here (zip).
WordPress 4.1 is due for release next month, so we need your help with testing. Here are some highlights of what to test:
- Our beautiful new default theme, Twenty Fifteen. It’s a clean, mobile-first, blog-focused theme designed through simplicity.
- A new distraction-free writing mode for the editor. It’s enabled by default for beta, and we’d love feedback on it.
- The ability to automatically install new language packs right from the General Settings screen (available as long as your site’s filesystem is writable).
- A new inline formatting toolbar for images embedded into posts.
There have been a lot of changes for developers to test as well:
- Improvements to meta, date, comment, and taxonomy queries, including complex (nested, multiple relation) queries; and querying comment types (#12668).
- A single term shared across multiple taxonomies is now split into two when updated. For more, see this post, #5809, and #30335.
- A new and better way for themes to handle title tags.
If you want a more in-depth view of what changes have made it into 4.1, check out the weekly review posts on the main development blog.
If you think you’ve found a bug, you can post to the Alpha/Beta area in the support forums. We’d love to hear from you! If you’re comfortable writing a reproducible bug report, file one on the WordPress Trac. There, you can also find a list of known bugs and everything we’ve fixed so far.
Twenty Fifteen theme
The beautiful face which hides