This Week in WordPress

SMS Text

More than three out of five CMS based websites now are powered by WordPress, according to a W3Techs survey. Since it’s more likely that you’re a WordPress user than not, let’s take a look at some recent WordPress news.

Our Old Friend Timthumb is Back

Remember Timthumb? The image resizing script that made everyone scream “OMG! WordPress is not safe!” a few years ago, even though it isn’t really part of WordPress. Well, it’s back. This new vulnerability allows attackers to delete, create, or modify files on your server.

Luckily it’s not as dangerous as it once was, for a few reasons:

  • Most modern themes and plugins use WordPress core functionality to resize images nowadays
  • Not every site that uses Timthumb is in danger

Vulnerability was first reported by Sucuri and it only affects sites that use Timthumb’s Webshot feature, which is disabled by default. So, unless you’re using Timthumb and have Webshot feature enabled, you shouldn’t worry about this. But, if you really want to be safe it might be best to ditch Timthumb altogether.

Not sure if you’re using Timthumb with Webshots enabled? Check readme files for your theme and any plugin you have that handles image manipulation, or ask their authors.

Then switch to Timthumb-free alternatives, of course.

PressNomics 3 Dates Announced

If WordPress platform is a big part of your business then PressNomics is THE conference for you. PressNomics is organized by WordPress hosting company Pagely and previous events have featured some of the brightest business minds in WordPress community.

PressNomics 2012, photo by @we-are-envato

PressNomics 2012, photo by

The event will be held January 22nd through January 24th in Tempe, Arizona, and tickets go on sale on August 6th. There’s only 250 available, so you better mark the date.

VersionPress – Version Control for Non-Developers

Sure, you can already go back to old versions of your posts and pages by using revisions. But VersionPress could be more than that, so much more. You read that correctly: VersionPress is currently in prototype stages and will only happen if its crowd-funding campaign is successful.


If you think your workflow would benefit from features like versioning for everything in your site, easy reverts for plugin, themes and core upgrades or quick undo for anything you do in WordPress dashboard – all in a free WordPress plugin – check out VersionPress homepage and back the project.

New oEmbed Providers in WordPress 4.0

oEmbeds are one of the best things for WordPress publishers. Gone are the days when you had to copy full embed code to add a YouTube video to your posts, all you need to do now is paste YouTube video URL on its own line in WordPress editor. It doesn’t only work with YouTube, of course, you can also embed content from Twitter, Instagram, Flickr, Vimeo and so on (check full list of oEmbed services supported in WordPress here).

WordPress 4.0, currently in development and planned for late August will add a few more to the list:

  • YouTube playlist URLs
  • TED talks
  • Polldaddy’s short URL format
  • Mixcloud
  • Issuu

Weekend Read: How to Speed Up Your WordPress Website

If you ever doubted Google was serious about page speed, this patent titled “Using resource load times in ranking search results” should be more than enough to convince you. Luckily, 20/80 principle fully applies to WordPress site speed.

There’s so much you can do with just a few clicks, without ever touching the code. From using a CDN to minifying your CSS and Javascript file and disabling pingbacks, this Smashing Magazine article on WordPress speed is your twelve-step program to recovery.

Featured photo credit: Huasonic via photopin cc

Slobodan Manic
A web developer with a passion for all things WordPress, he is also a co-founder of ThematoSoup, a themes and plug-ins development company, and a popular tutorial author on well-known WordPress theme sites such as WP Explorer and Wptuts+.
Get the latest news from Search Engine Journal!
We value your privacy! See our policy here.
  • David Trounce

    Hey, agree with the usefulness of oEmbeds. Would be great if they worled for Facebook and Twitter embeds. Thanks also for the link to smahing magazines WordPress speed up article – plenty of good info there.

  • Slobodan Manic

    Hey David,

    Actually Twitter already works and it has been available for a while now. As far as I know Facebook doesn’t support oEmbed, but I’m sure it will be added to list of WP supported services as soon as it does.

    You can see full list of supported providers here –

  • Hemang Rindani

    WordPress is an effortless
    Content Management System that helps a developer to do anything as required. It
    comes with number of themes and plugins that can make digital dream a reality.
    The features extends from developing a basic site to highly dynamic websites in
    multiple languages with number of users and unlimited functionalities.
    With increasing popularity of both, Content management system and WordPress, it is extremely important to have various plugins that satisfies any business requirements on the go. Each new version of WordPress added some valuable features from time to time making it more stable and reliable. The only important thing a developer must consider is to use secured and authenticated plugins for a website that does not compromise website security.