Want to stay on top of all the latest WordPress news? Look no further. Today, we bring you a smattering of some of the most important news in web dev and WordPress, all in one place. Most importantly, if you haven’t updated to WordPress 3.9.2, you’ll want to do it immediately. Why? Read on…
WordPress & Drupal Security Vulnerability
This news didn’t quite make the 1-week mark, but it’s worth noting if you haven’t yet seen the alert: if you have not updated to WordPress 3.9.2, stop what you’re doing and go update your site. Nir Goldshlager of Salesforce recently discovered a security glitch in both the WordPress and Drupal frameworks that allowed XML attacks, specifically an XML Quadratic Blowup Attack. Sounds pretty gruesome, huh? It is – the attack hones in on your XML files, and with a few simple characters can take down servers almost instantaneously.
Just another reason to stay on top of your WordPress updates (and theme updates… and plugin updates). Learn more about the attack at Mashable.com (notably, Mr. Goldshlager aided in authoring the highly informative article). More on the WordPress patch at WordPress.org.
Hidden Features in WordPress
Torque Mag identifies 11 WordPress Features you Probably Didn’t Know About, including the illusive Screen Options button, changing the autosave interval and save your hard work, and how to auto-embed media like Instagram photos, audio files, YouTube videos on the fly. Also helpful: how to change the default image dimensions you see in the WordPress Media Library (those pesky, irrelevant “Thumbnail, Medium, and Large” sizes now will give your blog images a uniform, standard look!).
Theme Checklist Plugin
Jeff Chandler of WPTavern writes about a new Theme Checklist plugin, which gives developers a detailed list of tests that a new WordPress theme must pass before submitting to WP.org. Developers check off each test once it passes – 31 different tests – that helps a brotha out, for sure! Still, it’s a good idea to do a final run-through with the WP.org Theme Check plugin as well.
How to Run a Contest
Brenda Barron of Elegant Themes talks about the do’s and don’ts of How to Run a Contest on WordPress. We second her recommendation for Rafflecopter, we’ve used it ourselves and have been impressed with the results.
Blog Design Don’ts
Ariel Rule writes a smart, quippy roundup of 3 blog elements that may be a turnoff to your readers over at WPLift: Does Your Blog Repel Your Viewers? These 3 Tips May Be An Eye Opener