WordPress 2.8.2 fixes an XSS vulnerability. Comment author URLs were not fully sanitized when displayed in the admin. This could be exploited to redirect you away from the admin to another site.  Download 2.8.2 or automatically upgrade from the Tools->Upgrade page of your blog’s admin.

Read Post

WordPress 2.8.1 fixes many bugs and tightens security for plugin administration pages. Core Security Technologies notified us that admin pages added by certain plugins could be viewed by unprivileged users, resulting in information being leaked. Not all plugins are vulnerable to this problem, but we advise upgrading to 2.8.1 to be safe. What else is […]

Read Post

I’m very excited to announce to everyone that the latest and greatest version of WordPress, version 2.8 “Baker,” is immediately available for download. 2.8 represents a nice fit and finish release for WordPress with improvements to themes, widgets, taxonomies, and overall speed. We also fixed over 790 bugs. This release is named in honor of […]

Read Post

A vulnerability in the Snoopy library was announced today.  WordPress uses Snoopy to fetch the feeds shown in the Dashboard.   Although this seems to be a low risk vulnerability for WordPress users, we wanted to get an update out immediately.  2.6.3 is available for download right now.  If you don’t want to download the whole […]

Read Post

I’m happy to announce that version 2.6 of WordPress.org is now available, almost a month ahead schedule. Version 2.6 “Tyner,” named for jazz pianist McCoy Tyner, contains a number of new features that make WordPress a more powerful CMS: you can now track changes to every post and page and easily post from wherever you […]

Read Post

Version 2.5.1 of WordPress is now available. It includes a number of bug fixes, performance enhancements, and one very important security fix. We recommend everyone update immediately, particularly if your blog has open registration. The vulnerability is not public but it will be shortly. In addition to the security fix, 2.5.1 contains many bug fixes. […]

Read Post

WordPress 2.5, the culmination of six months of work by the WordPress community, people just like you. The improvements in 2.5 are numerous, and almost entirely a result of your feedback: multi-file uploading, one-click plugin upgrades, built-in galleries, customizable dashboard, salted passwords and cookie encryption, media library, a WYSIWYG that doesn’t mess with your code, […]

Read Post

WordPress 2.3.3 is an urgent security release. If you have registration enabled a flaw was found in the XML-RPC implementation such that a specially crafted request would allow a user to edit posts of other users on that blog. In addition to fixing this security flaw, 2.3.3 fixes a few minor bugs. If you are […]

Read Post

WordPress 2.3.2 is an urgent security release that fixes a bug that can be used to expose your draft posts. 2.3.2 also suppresses some error messages that can give away information about your database table structure and limits and stops some information leaks in the XML-RPC and APP implementations. Get 2.3.2 now to protect your […]

Read Post

WordPress 2.3.1 is now available. 2.3.1 is a bug-fix and security release for the 2.3 series. 2.3.1 fixes over twenty bugs. Some of the notable fixes are: Tagging support for Windows Live Writer Fixes for a login bug that affected those with a Blog Address different than their WordPress Address Faster taxonomy database queries, especially […]

Read Post

2.2.3 is a security and bug-fix release for the 2.2 series. Since this is a security release, we suggest you upgrade immediately. Two of the fixes are high priority. On our Trac you can see the bugs closed and the files changed for 2.2.3. To get 2.2.3, please see our download page. As always, upgrade […]

Read Post

Today we have two security-related releases available for both users of our main 2.2 branch and the legacy 2.0 branch. As these releases include only security and minor bugfixes they should not cause any plugin or theme compatibility issues, so you have no good excuse not to upgrade. On our Trac you can see the […]

Read Post

WordPress 2.2.1 is now available. 2.2.1 is a bug fix release for the 2.2 series. Since 2.2 was released a month ago, the WordPress community has been improving fit-and-finish by identifying and fixing those little bugs that can be so annoying and by fine-tuning some small details. The result is a nicely polished 2.2.1 release. […]

Read Post

On behalf of the entire WordPress team, I’m proud and excited to announce the immediate availability of version 2.2 “Getz” for download. This version includes a number of new features, most notably Widgets integration, and over two hundred bug fixes. It’s named in honor of tenor saxophonist Stan Getz. Goodies: WordPress Widgets allow you to […]

Read Post

Long story short: If you downloaded WordPress 2.1.1 within the past 3-4 days, your files may include a security exploit that was added by a cracker, and you should upgrade all of your files to 2.1.2 immediately. Longer explanation: This morning we received a note to our security mailing address about unusual and highly exploitable […]

Read Post

We’ve got a new bugfix and security release for both of our actively maintained branches of WordPress. Version 2.1.1 includes about 30 bug fixes, mostly minor things around encoding, XML-RPC, the object cache, and HTML code. It’s available for immediate download on our download page. Version 2.0.9 only includes the security update, which was around […]

Read Post

On behalf of the WordPress.org community of commiters, contributers, and volunteers, I’m very proud to announce the immediate availability of WordPress 2.1 “Ella”, named for jazz vocalist Ella Fitzgerald. Here’s a sampling of what’s in the new version: Autosave makes sure you never lose a post again. Our new tabbed editor allows you to switch […]

Read Post

It’s new release time. The latest in our venerable 2.0 series, which now counts over 1.2 million downloads, is available for download immediately, and we suggest everyone upgrade as this includes security fixes. We’re breaking the tradition of naming releases after jazz musicians to congratulate Ryan Boren on his new son (and first WP baby) […]

Read Post

The latest in the stable 2.0 series, 2.0.3, is now available for download. This is a bug fix and security release, and is recommended for all WordPress users. In addition to an issue that was raised on Bugtraq a few days ago, we’ve also backported a number of security enhancements from 2.1 to further enhance […]

Read Post

On behalf of the WordPress community, I’m proud to announce a merger we’ve had on our minds since the first time we saw Dean Allen’s dog — WordPress and Textpattern are joining forces to create the greatest CMSMS ever, WordPattern. “WordPress and Textpattern: Two great tastes that taste great together.” As with any great union, […]

Read Post

It’s been exactly one month since we released the well-received WordPress 2.0 release. In the past 4 weeks we’ve been listening closely to feedback, squashing bugs wherever we find them, and watching how 2.0 handled under different loads. We’ve rolled up all the most important fixes into a 2.0.1 release, which is now available for […]

Read Post

The WordPress community is very proud to present the next generation of WordPress to the world, our 2.0 “Duke” release, named in honor of jazz pianist and composer Duke Ellington. We’ve been working long and hard to bring you this release, and I hope you enjoy using it as much as we’e enjoyed working on […]

Read Post

We’re happy to announce that a new version of WordPress is now available for download. This set of improvements and security fixes is in line with our commitment to maintaining an extremely stable 1.5 series. In addition to fixing a number of bugs and adding requested enhancements for plugin authors, this release also addresses all […]

Read Post

We would like to announce that WordPress 1.5.1.3 is now released as we continue the availablity of a highly stable and extremely popular branch based on the 1.5 Strayhorn codebase. Development has moved on to some exciting new features for the next major release, but an important security issue was brought to our attention which […]

Read Post

Update: In our effort to optimize we made two mistakes in 1.5.1, one related to feeds and one related to trackbacks and pingbacks. We’ve updated the download with 1.5.1.1 which corrects these bugs and a few others. It seemed like a good time to brighten everyone’s Monday with a new release of everyone’s favorite blogging […]

Read Post

(This is my favorite part of what I do.) To the 12,126 of you who have already downloaded WordPress 1.5, congrats for being on the ball. We had a “soft launch” on Monday the 14th while we worked out some infrastructure issues and we’re now very ready to announce WordPress 1.5 to the world. This […]

Read Post

WordPress 1.2.2 is now officially available for download. This release fixes a few bugs and security issues and is recommended for all 1.2 users. There have only been minor changes since the last release, so if you’re upgrading from any 1.2 version you can follow the normal upgrade instructions. Here’s a few of the things […]

Read Post

I am relieved to announce that WordPress 1.2.1 is now available for download. This release addresses a few bugs and minor security issues with 1.2. We’ve also backported the new login system from 1.3 that is much friendlier and should address many of the problems people have had with logging in and cookies. Upgrading Upgrading […]

Read Post

I am very proud to announce the immediate availability of the much-anticipated 1.2 “Mingus” release of WordPress. You can download it through the usual methods, though it usually takes a few hours for the SourceForge mirrors to catch up with everything. There are so many new features it’s almost too much for this post, but […]

Read Post

Peter Westwood has created a WordPress ebuild for the Gentoo Linux system, like I do. The ebuild currently has some weird dependencies, but that seems be due to some sort of web application framework they’re using. To install WordPress on Gentoo now simply type the following as root: emerge sync; emerge wordpress There is also […]

Read Post

Thanks to those who wrote in about the https://wordpress.org/latest link going to the old release, that has been fixed now.

Read Post

We realize that this development blog has been rather quiet lately, but the team has been working hard behind the scenes. As has been mentioned in the support forums, there came a point where we had pretty much gone beyond all of the version 1.1 milestones, so the next official release will be version 1.2. […]

Read Post

The latest WordPress 1.0.1 is now available. This is the fastest, most stable, and most secure WordPress ever.

Read Post

I am proud to announce that WordPress 1.0 is now available. As the version number indicates, this is a major step for us and a great deal of effort has gone into it. Search engine friendly permalinks You may now structure your permalinks in a manner that is not only more meaningful, semantic, and "cruft-free," […]

Read Post

I am very happy to announce that 0.72 is now available. Here are some of the new features: An important security fix Tons of bug fixes Password protected posts Cursor-aware quicktags (like using a fancy text-editor) Improved API support: full or near full support for the Blogger, MetaWeblog, and MT APIs New template design from […]

Read Post

A new version of WordPress has been issued to fix a cross site scripting (XSS) vulnerability in post comments.

Read Post

The 0.71 release of WordPress is now officially available.

Read Post

The first release of WordPress is now available.

Read Post