WordPress 4.8.1 Released which is a maintenance Release

On 2 Aug, 2017, WordPress released its latest version i.e 4.8.1. Actually its a maintenance release which has 29 maintenance fixes and enhancements. The main updates are the fixes to the rich Text widget and the introduction of the Custom HTML widget.

After the release of WordPress 4.8, there were around 13 million downloads of WordPress 4.8. Hence WordPress 4.8.1 is available shortly after the release of WordPress 4.8 and it is a maintenance release which has resolved many issues.

Why WordPress 4.8.1 is the best platform to develop your WordPress website:-

WordPress is right now the most widely used software platform in the market. Earlier WordPress was often considered as the blogging platform but now it has evolved and it is one of the most sought after platforms for all kinds of websites. Some of the main reasons for the popularity of WordPress is its flexibility, scalability, SEO friendliness and robustness offered by WordPress platform. So many developers are working day and night to constantly upgrade its features and functionalities. WordPress developers can be hired if there is requirement for plugin development and PSD to WordPress conversion services. There are some plugins which you can install to avail many of these services.

The main benefit of using WordPress for your business website is that it is very flexible to incorporate many features and functionalities as per your business requirements. Also it is constantly upgraded with the release of newer and better version.

How to upgrade to WordPress 4.8.1?

If you want to finally upgrade to the latest version of WordPress i.e WordPress 4.8.1 then you can simply visit the Dashboard in your WordPress and click on the Updates and then “Update Now”. Otherwise you can also download fresh copy of WordPress 4.8.1 by visiting the official website of WordPress here.

 Download WordPress 4.8.1

Some of the websites which offer support for automatic background updates are already beginning to update to WordPress 4.8.1.

Why WordPress 4.8 is the Most Suitable Platform to Develop your WP Website?

WordPress is the most widely used software platform available in the market. It is no longer a blogging website but has now become one of the most sought after platforms for all kinds of websites. The main reason behind this popularity is the flexibility, modularity, and robustness offered by the platform. Moreover, there are ample of people who work on the platform to constantly upgrade its functionalities. One can easily avail services such as Plugin development and proficient PSD to WordPress developers to render you a highly-functional and feature rich website. Plus, all you need to do is to install a plugin.

One of the most favorable things about choosing WordPress for your business website is the flexibility to incorporate any functionality as per your business needs. Talking about the advancement, the platform constantly refurbished to launch the better version.

There were some security issues that were corrected in WordPress 4.7.5. Following are the six security issues that were present in WordPress versions 4.7.4 and earlier:

Insufficient redirect validation in the HTTP class, Improper handling of post metadata values in the XML-RPC API, Lack of capability checks for post meta data in the XML-RPC API, A Cross-Site Request Forgery (CSRF) vulnerability, A cross-site scripting (XSS) vulnerability and A cross-site scripting (XSS) vulnerability.

To further enhance WordPress web development services we now have a release candidate for WordPress 4.8 in the web market. RC obviously means that the developers are done and have released the final version. However, it is quite obvious that something might have been missed as the platform is big and there are millions of users as well as ample of plugins as well as themes. WordPress 4.8 was launched on Thursday, June 8, however, the development team seeks for help for testing. So, if you are interested in the release, then check WordPress 4.8 thoroughly.

In order to test WordPress 4.8, one can use the plugins such as WordPress Beta Tester plugin or download the release candidate directly (zip).

Moreover, the developers are constantly working hard and have made several of changes after the release of Beta 2. To get to know about what’s new in WordPress version 4.8 there are several blogs on Beta 1 and Beta 2 blog.

The best part of this platform is that it is open to accept bugs from anyone present out there. You can also support the Alpha or Beta support forum. One can easily resolve their issues when from these platforms.

Further, the platform is available for the developers to test their plugins as well as themes that you need for your WordPress 4.8 and can update the version of your plugin to the 4.8 version. In a case of any compatibility problems, one can post it on the support forums so that the developers can easily figure it out and it is sorted before the final release.

In order to make the development blog quite easy there is a developer-focused change is coming soon on the core development blog. Plus the developers are seeking to translate the language in more than 100 languages presents out there.

The developers are doing the development process quite meticulously and therefore they first launched the beta version of the software. Therefore, make sure not to run it on a production site. Make sure that you run it on the test site to play with the new version. One can test the WordPress website using the WordPress Beta Tester plugin.

Endnote!

There is no gainsaying that WordPress is quite an incredible platform for WordPress web development and its constant improvement further makes it one of the most sought after platforms in the market.

What all is new in WordPress 4.7.4

On 20th April 2017, WordPress released its latest version i.e. v4.7.4. Actually, its a maintenance release which has fixed 47 critical issues that were disclosed in the previous versions of WordPress v4.7.3. This update features a visual editor compatibility fix, which can be directly synced with the upcoming version of the Google Chrome.

With the maintenance release now available at WordPress.org there won’t be any broken thumbnails during the WordPress web development. After updating WordPress core, you won’t be facing any issues while uploading any of the video or audio files. It will be good if you consult a skilled WordPress developer which will help you get through this up-gradation process. The v4.7.4 also features the ability to Shift-click and select multiple checkboxes at once.

Some Key Highlights Of The Update

  • The visual editor will now be compatible with the latest version of Google Chrome.
  • A fix for broken audio-visual thumbnail bug.
  • Enhancements in the REST API making it efficient in data handling.
  • Restores the ability to perform multiple select from a range of checkboxes.

How To Update?

It will be good if you deactivate all the active plugins before initiating the up-gradation process.

Save all the WordPress XML Files on the hard drive. Click on the “Tools” icon and “Export”. Now you have to download the “Export” file. You have to create a “New Folder” on the hard drive where you can store all the extracted files.

Make sure you have to take regular backup of your portal. There are a plethora of plugins available in the WordPress Directory which will assist you in accomplishing this task. You can also schedule backups with the help of these plugins.

Download the copy of your WP Database Backup. This will come in handy in case the server crashes or any other thing goes south. That’s why it’s preferred that you should store the backup file in the cloud.

Now you have to download the theme/child template folders to a local hard drive or cloud. In case you are using the custom theme, then this step is mandatory.

Summing Up

The WordPress v4.7.4 offers 47 maintenance fixes that improve its interface & functioning. You can access the official release notes on WordPress’s site.

Time to upgrade: WordPress version 4.7.3

One of the major reasons behind the insane popularity of the WordPress content management system are the core updates that are released on regular basis. Most of the time, these updates are related to security patches, backend or frontend codes and WordPress core. It will be good if you quickly install all these official updates as it will help in making your WP-based website stable, secure and functional.

On 6th March 2017, WordPress released v4.7.3 which comes loaded with some major security issues and it is recommended to update your WP sites immediately. In case, you don’t have to time for this task, you can hire WordPress developer who will help you update your WordPress core. The latest version of WordPress has eliminated six security problems which were detected in v4.7.2. Although, WordPress has officially rolled out the update but it will take some time to reach out to the users spread across the globe.

Given below are six security issues that earlier affected the functioning of WordPress v4.7.2:

  • Control Characters which tricked the redirection of URL validation.
  • Cross-site scripting (XSS) via video URL in YouTube embeds.
  • The cross-site scripting (XSS) done via taxonomy term names.
  • Unintended files which can be removed by administrators with the help of plugin deletion functionality.
  • Cross-site scripting (XSS) via media file metadata.
  • Cross-site Request Forgery (CSRF) which lead to the excessive use of server resources.

In addition to the above-mentioned security problems, the WordPress 4.7.3 contains approx 39 maintenance fixes to the whole v4.7 release series. For further information about the complete list of changes, you can refer to the official release notes provided by the WordPress.

So if you wish to manually download and install the WordPress 4.7.3, all you need to do is to venture over the WP Dashboard -> Updates and click on the “Update Now” button. In case, your website supports automatic background updates, then your portal will automatically upgrade to the WordPress 4.7.3.

What all comes loaded in WordPress v4.7.2

After releasing a major update at the end of December 2016, WordPress two weeks ago introduced another update in i.e. WP v4.7.2 which has introduced to fix some crucial security flaws, three of which are disclosed at the time of official launch. The security issues eliminated in this update are SQL injection vulnerability in WP_Query, a cross-site scripting (XSS) vulnerability in the posts list table, and the Press- which allowed users to assign taxonomy terms with permission.

The fourth and the most important issue resolved in this update was of unauthenticated privilege escalation vulnerability in the REST API endpoint. WordPress fixed problem silently and disclosed it one week after the release. There are several other risk factors which can be cut down if you carefully convert PSD to WordPress and inspect every element before launching the website on the World Wide Web. The primary reason contributors opted to delay the disclosure to migrate the potential for mass exploitation of any site running on 4.7 or 4.7.1 is at risk.

This non-disclosure enabled users to manually or automatically update their portal which exposing themselves to any sort of risk. Sucuri, a company which works with WordPress was the first one to discover this issue. Various WAF (Web App Firewall) vendors and hosting companies also added different protections before the vulnerability was publicly disclosed.

This security problem existed for a week, the hackers were able to exploit it to the full extent and thousands of WordPress sites were defaced with messages such as “Hacked by NG689Skw”, “Hacked by w4l3XzY3” or similar. And when the users Googled the information about the particular hacks, they initiated the auto-process of hacking various other WP sites.

As the WordPress v4.7.2 is now officially available for download, it’s strongly recommended to download & install it, without wasting time.

Given below are some highlights of this latest version:

1. The user interface which was used for assigning taxonomy terms in Press This is shown to users who don’t have permission to use it.

2. WP_Query was vulnerable to the SQL Injection (SQLi) while passing the unsafe data. The WP core is not directly vulnerable to this issue, but you can safeguard this by adding plugins.

3. A cross-site scripting (XSS) was discovered in the posts list table.

4. An unauthenticated privilege escalation vulnerability was discovered in a REST API endpoint.

To download the WordPress v4.7.2, open the Dashboard-> Updates and simply click “Update Now”. If you are site supports automatic background updates are already beginning to update to WordPress 4.7.2. It will be good if you update your site as soon as possible so that your site doesn’t have to face any downtime.