WordPress is a widely used and highly extensible blogging plattform and web content management system. It provides customizeable themes, and over 30000 community-contributed plugins, is easy to configure and provides extensive documentation and howtos. WordPress can be used in a multi-user setup as well, repurposed as online shop or multimedia hosting, provides search enginge optimization, RSS/Atom news feeds, track- and pingbacks, link management, various formatting filters, and a built-in blog comment system tied per default to the useful but proprietary Akismet spam filter.
4.2.129 Apr 2015 23:45
Fix for XSS exploit within comment approval interface.
4.0.121 Nov 2014 08:45
WordPress versions 3.9.2 and earlier are affected by a critical cross-site
scripting vulnerability, which could enable anonymous users to compromise a
site. Version 4.0.0 was unaffected, but fixes 8 other security woes still:
Three cross-site scripting issues that a contributor or author could use to
compromise a site.
A cross-site request forgery that could be used to trick a user into
changing their password.
An issue that could lead to a denial of service when passwords are checked.
Additional protections for server-side request forgery attacks when
WordPress makes HTTP requests.
An extremely unlikely hash collision could allow a user s account to be
compromised, that also required that they haven t logged in since 2008 (I
wish I were kidding).
WordPress now invalidates the links in a password reset email if the user
remembers their password, logs in, and changes their email address.
Version 4.0.1 also fixes 23 bugs with 4.0, and we ve made two hardening
changes, including better validation of EXIF data we are extracting from
4.006 Sep 2014 08:36
Version 4.0 of WordPress, named Benny in honor of jazz clarinetist and bandleader Benny Goodman, adds many new features and bugfixes.
New style for the media upload manager. A default YouTube URL embedding scheme has been introduced. The WYSIWYG editor not smoothly expands to the current text length. Plugin management and downloads have been extended with new filtering / search functions and nicer browsing.