More than three out of five CMS based websites now are powered by WordPress, according to a W3Techs survey. Since it’s more likely that you’re a WordPress user than not, let’s take a look at some recent WordPress news.
Our Old Friend Timthumb is Back
Remember Timthumb? The image resizing script that made everyone scream “OMG! WordPress is not safe!” a few years ago, even though it isn’t really part of WordPress. Well, it’s back. This new vulnerability allows attackers to delete, create, or modify files on your server.
Luckily it’s not as dangerous as it once was, for a few reasons:
- Most modern themes and plugins use WordPress core functionality to resize images nowadays
- Not every site that uses Timthumb is in danger
Vulnerability was first reported by Sucuri and it only affects sites that use Timthumb’s Webshot feature, which is disabled by default. So, unless you’re using Timthumb and have Webshot feature enabled, you shouldn’t worry about this. But, if you really want to be safe it might be best to ditch Timthumb altogether.
Not sure if you’re using Timthumb with Webshots enabled? Check readme files for your theme and any plugin you have that handles image manipulation, or ask their authors.
Then switch to Timthumb-free alternatives, of course.
PressNomics 3 Dates Announced
If WordPress platform is a big part of your business then PressNomics is THE conference for you. PressNomics is organized by WordPress hosting company Pagely and previous events have featured some of the brightest business minds in WordPress community.
The event will be held January 22nd through January 24th in Tempe, Arizona, and tickets go on sale on August 6th. There’s only 250 available, so you better mark the date.
VersionPress – Version Control for Non-Developers
Sure, you can already go back to old versions of your posts and pages by using revisions. But VersionPress could be more than that, so much more. You read that correctly: VersionPress is currently in prototype stages and will only happen if its crowd-funding campaign is successful.
If you think your workflow would benefit from features like versioning for everything in your site, easy reverts for plugin, themes and core upgrades or quick undo for anything you do in WordPress dashboard – all in a free WordPress plugin – check out VersionPress homepage and back the project.
New oEmbed Providers in WordPress 4.0
oEmbeds are one of the best things for WordPress publishers. Gone are the days when you had to copy full embed code to add a YouTube video to your posts, all you need to do now is paste YouTube video URL on its own line in WordPress editor. It doesn’t only work with YouTube, of course, you can also embed content from Twitter, Instagram, Flickr, Vimeo and so on (check full list of oEmbed services supported in WordPress here).
WordPress 4.0, currently in development and planned for late August will add a few more to the list:
- YouTube playlist URLs
- TED talks
- Polldaddy’s short URL format
Weekend Read: How to Speed Up Your WordPress Website
If you ever doubted Google was serious about page speed, this patent titled “Using resource load times in ranking search results” should be more than enough to convince you. Luckily, 20/80 principle fully applies to WordPress site speed.
Featured photo credit: Huasonic via photopin cc