WordPress 4.8 Release Candidate 2

June 1, 2017

The second release candidate for WordPress 4.8 is now available. To test WordPress 4.8, you can use the WordPress Beta Tester plugin or you can download the release candidate here (zip). We’ve made a handful of changes since releasing RC 1 last week. For more details about what’s new in version 4.8, check out the […]


WordPress 4.8 Release Candidate

May 25, 2017

The release candidate for WordPress 4.8 is now available. RC means we think we’re done, but with millions of users and thousands of plugins and themes, it’s possible we’ve missed something. We hope to ship WordPress 4.8 on Thursday, June 8, but we need your help to get there. If you haven’t tested 4.8 yet, […]


WordPress 4.8 Beta 2

May 23, 2017

WordPress 4.8 Beta 2 is now available! This software is still in development, so we don’t recommend you run it on a production site. Consider setting up a test site just to play with the new version. To test WordPress 4.8, try the WordPress Beta Tester plugin (you’ll want “bleeding edge nightlies”). Or you can […]


WordPress 4.7.5 Security and Maintenance Release

May 16, 2017

WordPress 4.7.5 is now available. This is a security release for all previous versions and we strongly encourage you to update your sites immediately. WordPress versions 4.7.4 and earlier are affected by six security issues: Insufficient redirect validation in the HTTP class. Reported by Ronni Skansing. Improper handling of post meta data values in the XML-RPC […]


WordPress Now on HackerOne

May 15, 2017

WordPress has grown a lot over the last thirteen years – it now powers more than 28% of the top ten million sites on the web. During this growth, each team has worked hard to continually improve their tools and processes. Today, the WordPress Security Team is happy to announce that WordPress is now officially […]


WordPress 4.8 Beta 1

May 13, 2017

We’re planning a smaller WP release early next month, bringing in three major enhancements: An improved visual editor experience, with a new TinyMCE that allows you navigate more intuitively in and out of inline elements like links. (Try it out to see, it’s hard to describe.) A revamp of the dashboard news widget to bring […]


WordPress 4.7.4 Maintenance Release

April 20, 2017

After almost sixty million downloads of WordPress 4.7, we are pleased to announce the immediate availability of WordPress 4.7.4, a maintenance release. This release contains 47 bug fixes and enhancements, chief among them an incompatibility between the upcoming Chrome version and the visual editor, inconsistencies in media handling, and further improvements to the REST API.


WordPress 4.7.3 Security and Maintenance Release

March 6, 2017

WordPress 4.7.3 is now available. This is a security release for all previous versions and we strongly encourage you to update your sites immediately. WordPress versions 4.7.2 and earlier are affected by six security issues: Cross-site scripting (XSS) via media file metadata.  Reported by Chris Andrè Dale, Yorick Koster, and Simon P. Briggs. Control characters can trick redirect […]


WordPress 4.7.2 Security Release

January 26, 2017

WordPress 4.7.2 is now available. This is a security release for all previous versions and we strongly encourage you to update your sites immediately. WordPress versions 4.7.1 and earlier are affected by three security issues: The user interface for assigning taxonomy terms in Press This is shown to users who do not have permissions to use it. […]


WordPress 4.7.1 Security and Maintenance Release

January 11, 2017

WordPress 4.7 has been downloaded over 10 million times since its release on December 6, 2016 and we are pleased to announce the immediate availability of WordPress 4.7.1. This is a security release for all previous versions and we strongly encourage you to update your sites immediately. WordPress versions 4.7 and earlier are affected by eight security issues: […]