WordPress 4.9.7 is now available. This is a security and maintenance release for all versions since WordPress 3.7. We strongly encourage you to update your sites immediately.

WordPress versions 4.9.6 and earlier are affected by a media issue that could potentially allow a user with certain capabilities to attempt to delete files outside the uploads directory.

Thank you to Slavco for reporting the original issue and Matt Barry for reporting related issues.

Seventeen other bugs were fixed in WordPress 4.9.7. Particularly of note were:

  • Taxonomy: Improve cache handling for term queries.
  • Posts, Post Types: Clear post password cookie when logging out.
  • Widgets: Allow basic HTML tags in sidebar descriptions on Widgets admin screen.
  • Community Events Dashboard: Always show the nearest WordCamp if one is coming up, even if there are multiple Meetups happening first.
  • Privacy: Make sure default privacy policy content does not cause a fatal error when flushing rewrite rules outside of the admin context.

Download WordPress 4.9.7 or venture over to Dashboard → Updates and click “Update Now.” Sites that support automatic background updates are already beginning to update automatically.

The previously scheduled 4.9.7 is now referred to as 4.9.8, and will follow the release schedule posted yesterday.

Thank you to everyone who contributed to WordPress 4.9.7:

1naveengiri, Aaron Jorbin, abdullahramzan, alejandroxlopez, Andrew Ozz, Arun, Birgir Erlendsson (birgire), BjornW, Boone Gorges, Brandon Kraft, Chetan Prajapati, David Herrera, Felix Arntz, Gareth, Ian Dunn, ibelanger, John Blackbourn, Jonathan Desrosiers, Joy, khaihong, lbenicio, Leander Iversen, mermel, metalandcoffee, Migrated to @jeffpaul, palmiak, Sergey Biryukov, skoldin, Subrata Sarkar, Towhidul Islam, warmlaundry, and YuriV.

WordPress 4.9.6 is now available. This is a privacy and maintenance release. We encourage you to update your sites to take advantage of the new privacy features.

A decorative header featuring the text "GDPR" and a lock inside of a blue shield, on multicolor green background.

Privacy

The European Union’s General Data Protection Regulation (GDPR) takes effect on May 25. The GDPR requires companies and site owners to be transparent about how they collect, use, and share personal data. It also gives individuals more access and choice when it comes to how their own personal data is collected, used, and shared.

It’s important to understand that while the GDPR is a European regulation, its requirements apply to all sites and online businesses that collect, store, and process personal data about EU residents no matter where the business is located.

You can learn more about the GDPR from the European Commission’s Data Protection page.

We’re committed to supporting site owners around the world in their work to comply with this important law. As part of that effort, we’ve added a number of new privacy features in this release.

Comments

A screenshot of a comment form, where the new "Save my name, email, and website in this browser for the next time I comment" checkbox is featured.

Logged-out commenters will be given a choice on whether their name, email address, and website are saved in a cookie on their browser.

Privacy Policy Page

A screenshot of the new Privacy Settings page.

Site owners can now designate a privacy policy page. This page will be shown on your login and registration pages. You should manually add a link to your policy to every page on your website. If you have a footer menu, that’s a great place to include your privacy policy.

In addition, we’ve created a guide that includes insights from WordPress and participating plugins on how they handle personal data. These insights can be copied and pasted into your site’s privacy policy to help you get started.

If you maintain a plugin that collects data, we recommend including that information in WordPress’ privacy policy guide. Learn more in our Privacy section of the Plugin Handbook.

Data Handling

A screenshot of the new Export Personal Data tools page. Several export requests are listed on the page, to demonstrate how the new feature will work.

Data Export

Site owners can export a ZIP file containing a user’s personal data, using data gathered by WordPress and participating plugins.

Data Erasure

Site owners can erase a user’s personal data, including data collected by participating plugins.

Howdy,

A request has been made to perform the following action on your account:

Export Personal Data

To confirm this, please click on the following link:
http://.wordpress.org/wp-login.php?action=confirmaction…

You can safely ignore and delete this email if you do not want to
take this action.

This email has been sent to you@example.com.

Regards,
Your friends at WordPress
http://wordpress.org

Site owners have a new email-based method that they can use to confirm personal data requests. This request confirmation tool works for both export and erasure requests, and for both registered users and commenters.


Maintenance

95 updates were made in WordPress 4.9.6. In addition to the above, particularly of note were:

  • “Mine” has been added as a filter in the media library.
  • When viewing a plugin in the admin, it will now tell you the minimum PHP version required.
  • We’ve added new PHP polyfills for forwards-compatibility and proper variable validation.
  • TinyMCE was updated to the latest version (4.7.11).

This post has more information about all of the issues fixed in 4.9.6 if you’d like to learn more.

Download WordPress 4.9.6 or venture over to Dashboard → Updates and click “Update Now.” Sites that support automatic background updates are already beginning to update automatically.

Please note that if you’re currently on WordPress 4.9.3, you should manually update your site immediately.


Thank you to everyone who contributed to WordPress 4.9.6:
Aaron D. Campbell, Aaron Jorbin, abdullahramzan, Adam Silverstein, Alain Schlesser, allendav, Andrea Fercia, Andrea Middleton, Andrew Ozz, Ayesh Karunaratne, Birgir Erlendsson (birgire), bridgetwillard, Burlington Bytes, Chetan Prajapati, claudiu, Corey McKrill, Daniel Bachhuber, David Herrera, Dominik Schilling (ocean90), Ella Van Dorpe, Eric Daams, Fernando Claussen, Garrett Hyder, Gary Pendergast, Heather Burns, Helen Hou-Sandi, herregroen, Ian Dunn, ibelanger, imath, Jb Audras, Jeffrey Paul, Jeremy Felt, Jesper V Nielsen, JJJ, Joe McGill, John Blackbourn, Jonathan Desrosiers, Josepha, jrf, Kåre Mulvad Steffensen, Laken Hafner, laurelfulford, lbenicio, macbookandrew, Marius L. J., Mel Choyce, Michael Nelson, Mike Jolley, Pascal Casier, pbrocks, postphotos, Prashant Baldha, PressTigers, programmin, Robin Cornett, Sergey Biryukov, Stefano Lissa, Stephane Daury (stephdau), Subrata Sarkar, Tammie Lister, teddytime, thomasplevy, Timothy Jacobs, Tobias Zimpel, Tom J Nowell, Tor-Bjorn Fjellner, Towhidul Islam, voneff, William Earnhardt, and Xenos (xkon) Konstantinos.

WordPress 4.9.5 is now available. This is a security and maintenance release for all versions since WordPress 3.7. We strongly encourage you to update your sites immediately.

WordPress versions 4.9.4 and earlier are affected by three security issues. As part of the core team's ongoing commitment to security hardening, the following fixes have been implemented in 4.9.5:

  1. Don't treat localhost as same host by default.
  2. Use safe redirects when redirecting the login page if SSL is forced.
  3. Make sure the version string is correctly escaped for use in generator tags.

Thank you to the reporters of these issues for practicing coordinated security disclosurexknown of the WordPress Security Team, Nitin Venkatesh (nitstorm), and Garth Mortensen of the WordPress Security Team.

Twenty-five other bugs were fixed in WordPress 4.9.5. Particularly of note were:

  • The previous styles on caption shortcodes have been restored.
  • Cropping on touch screen devices is now supported.
  • A variety of strings such as error messages have been updated for better clarity.
  • The position of an attachment placeholder during uploads has been fixed.
  • Custom nonce functionality in the REST API JavaScript client has been made consistent throughout the code base.
  • Improved compatibility with PHP 7.2.

This post has more information about all of the issues fixed in 4.9.5 if you'd like to learn more.

Download WordPress 4.9.5 or venture over to Dashboard → Updates and click "Update Now." Sites that support automatic background updates are already beginning to update automatically.

Thank you to everyone who contributed to WordPress 4.9.5:

1265578519, Aaron Jorbin, Adam Silverstein, Alain Schlesser, alexgso, Andrea Fercia, andrei0x309, antipole, Anwer AR, Birgir Erlendsson (birgire), Blair jersyer, Brooke., Chetan Prajapati, codegrau, conner_bw, David A. Kennedy, designsimply, Dion Hulse, Dominik Schilling (ocean90), ElectricFeet, ericmeyer, FPCSJames, Garrett Hyder, Gary Pendergast, Gennady Kovshenin, Henry Wright, Jb Audras, Jeffrey Paul, Jip Moors, Joe McGill, Joen Asmussen, John Blackbourn, johnpgreen, Junaid Ahmed, kristastevens, Konstantin Obenland, Laken Hafner, Lance Willett, leemon, Mel Choyce, Mike Schroder, mrmadhat, nandorsky, Nidhi Jain, Pascal Birchler, qcmiao, Rachel Baker, Rachel Peter, RavanH, Samuel Wood (Otto), Sebastien SERRE, Sergey Biryukov, Shital Marakana, Stephen Edgar, Tammie Lister, Thomas Vitale, Will Kwon, and Yahil Madakiya.

WordPress 4.9.4 is now available.

This maintenance release fixes a severe bug in 4.9.3, which will cause sites that support automatic background updates to fail to update automatically, and will require action from you (or your host) for it to be updated to 4.9.4.

Four years ago with WordPress 3.7 “Basie”, we added the ability for WordPress to self-update, keeping your website secure and bug-free, even when you weren’t available to do it yourself. For four years it’s helped keep millions of installs updated with very few issues over that time. Unfortunately yesterdays 4.9.3 release contained a severe bug which was only discovered after release. The bug will cause WordPress to encounter an error when it attempts to update itself to WordPress 4.9.4, and will require an update to be performed through the WordPress dashboard or hosts update tools.

WordPress managed hosting companies who install updates automatically for their customers can install the update as normal, and we’ll be working with other hosts to ensure that as many customers of theirs who can be automatically updated to WordPress 4.9.4 can be.

For more technical details of the issue, we’ve posted on our Core Development blog. For a full list of changes, consult the list of tickets.

Download WordPress 4.9.4 or visit Dashboard → Updates and click “Update Now.”

WordPress 4.9.3 is now available.

This maintenance release fixes 34 bugs in 4.9, including fixes for Customizer changesets, widgets, visual editor, and PHP 7.2 compatibility. For a full list of changes, consult the list of tickets and the changelog.

Download WordPress 4.9.3 or visit Dashboard → Updates and click “Update Now.” Sites that support automatic background updates are already beginning to update automatically.

Thank you to everyone who contributed to WordPress 4.9.3:

Aaron Jorbin, abdullahramzan, Adam Silverstein, Andrea Fercia, andreiglingeanu, Andrew Ozz, Brandon Payton, Chetan Prajapati, coleh, Darko A7, David Cramer, David Herrera, Dion Hulse, Felix Arntz, Frank Klein, Gary Pendergast, Jb Audras, Jeffrey Paul, lizkarkoski, Marius L. J., mattyrob, Monika Rao, munyagu, ndavison, Nick Momrik, Peter Wilson, Rachel Baker, rishishah, Ryan Paul, Sami Ahmed Siddiqui, Sayed Taqui, Sean Hayes, Sergey Biryukov, Shawn Hooper, Stephen Edgar, Sultan Nasir Uddin, tigertech, and Weston Ruter.

WordPress 4.9.2 is now available. This is a security and maintenance release for all versions since WordPress 3.7. We strongly encourage you to update your sites immediately.

An XSS vulnerability was discovered in the Flash fallback files in MediaElement, a library that is included with WordPress. Because the Flash files are no longer needed for most use cases, they have been removed from WordPress.

MediaElement has released a new version that contains a fix for the bug, and a WordPress plugin containing the fixed files is available in the plugin repository.

Thank you to the reporters of this issue for practicing responsible security disclosureEnguerran Gillier and Widiz.

21 other bugs were fixed in WordPress 4.9.2. Particularly of note were:

  • JavaScript errors that prevented saving posts in Firefox have been fixed.
  • The previous taxonomy-agnostic behavior of get_category_link() and category_description() was restored.
  • Switching themes will now attempt to restore previous widget assignments, even when there are no sidebars to map.

The Codex has more information about all of the issues fixed in 4.9.2, if you'd like to learn more.

Download WordPress 4.9.2 or venture over to Dashboard → Updates and click "Update Now." Sites that support automatic background updates are already beginning to update automatically.

Thank you to everyone who contributed to WordPress 4.9.2:

0x6f0, Aaron Jorbin, Andrea Fercia, Andrew Duthie, Andrew Ozz, Blobfolio, Boone Gorges, Caleb Burks, Carolina Nymark, chasewg, Chetan Prajapati, Dion Hulse, Hardik Amipara, ionvv, Jason Caldwell, Jeffrey Paul, Jeremy Felt, Joe McGill, johnschulz, Juhi Patel, Konstantin Obenland, Mark Jaquith, Nilambar Sharma, Peter Wilson, Rachel Baker, Rinku Y, Sergey Biryukov, and Weston Ruter.

WordPress 4.9.1 is now available. This is a security and maintenance release for all versions since WordPress 3.7. We strongly encourage you to update your sites immediately.

WordPress versions 4.9 and earlier are affected by four security issues which could potentially be exploited as part of a multi-vector attack. As part of the core team's ongoing commitment to security hardening, the following fixes have been implemented in 4.9.1:

  1. Use a properly generated hash for the newbloguser key instead of a determinate substring.
  2. Add escaping to the language attributes used on html elements.
  3. Ensure the attributes of enclosures are correctly escaped in RSS and Atom feeds.
  4. Remove the ability to upload JavaScript files for users who do not have the unfiltered_html capability.

Thank you to the reporters of these issues for practicing responsible security disclosure: Rahul Pratap Singh and John Blackbourn.

Eleven other bugs were fixed in WordPress 4.9.1. Particularly of note were:

  • Issues relating to the caching of theme template files.
  • A MediaElement JavaScript error preventing users of certain languages from being able to upload media files.
  • The inability to edit theme and plugin files on Windows based servers.

This post has more information about all of the issues fixed in 4.9.1 if you'd like to learn more.

Download WordPress 4.9.1 or venture over to Dashboard → Updates and click "Update Now." Sites that support automatic background updates are already beginning to update automatically.

Thank you to everyone who contributed to WordPress 4.9.1:

Alain Schlesser, Andrea Fercia, Angelika Reisiger, Blobfolio, bobbingwide, Chetan Prajapati, Dion Hulse, Dominik Schilling (ocean90), edo888, Erich Munz, Felix Arntz, Florian TIAR, Gary Pendergast, Igor Benic, Jeff Farthing, Jeffrey Paul, jeremyescott, Joe McGill, John Blackbourn, johnpgreen, Kelly Dwan, lenasterg, Marius L. J., Mel Choyce, Mário Valney, natacado, odyssey, precies, Saša, Sergey Biryukov, and Weston Ruter.

Major Customizer Improvements, Code Error Checking, and More! ?

Version 4.9 of WordPress, named “Tipton” in honor of jazz musician and band leader Billy Tipton, is available for download or update in your WordPress dashboard. New features in 4.9 will smooth your design workflow and keep you safe from coding errors.

Featuring design drafts, scheduling, and locking, along with preview links, the Customizer workflow improves collaboration for content creators. What’s more, code syntax highlighting and error checking will make for a clean and smooth site building experience. Finally, if all that wasn’t pretty great, we’ve got an awesome new Gallery widget and improvements to theme browsing and switching.


Customizer Workflow Improved 

Draft and Schedule Site Design Customizations

Yes, you read that right. Just like you can draft and revise posts and schedule them to go live on the date and time you choose, you can now tinker with your site’s design and schedule those design changes to go live as you please.

Collaborate with Design Preview Links

Need to get some feedback on proposed site design changes? WordPress 4.9 gives you a preview link you can send to colleagues and customers so that you can collect and integrate feedback before you schedule the changes to go live. Can we say collaboration++?

Design Locking Guards Your Changes

Ever encounter a scenario where two designers walk into a project and designer A overrides designer B’s beautiful changes? WordPress 4.9’s design lock feature (similar to post locking) secures your draft design so that no one can make changes to it or erase all your hard work.

A Prompt to Protect Your Work

Were you lured away from your desk before you saved your new draft design? Fear not, when you return, WordPress 4.9 will politely ask whether or not you’d like to save your unsaved changes.


Coding Enhancements

Syntax Highlighting and Error Checking? Yes, Please!

You’ve got a display problem but can’t quite figure out exactly what went wrong in the CSS you lovingly wrote. With syntax highlighting and error checking for CSS editing and the Custom HTML widget introduced in WordPress 4.8.1, you’ll pinpoint coding errors quickly. Practically guaranteed to help you scan code more easily, and suss out & fix code errors quickly.

Sandbox for Safety

The dreaded white screen. You’ll avoid it when working on themes and plugin code because WordPress 4.9 will warn you about saving an error. You’ll sleep better at night.

Warning: Potential Danger Ahead!

When you edit themes and plugins directly, WordPress 4.9 will politely warn you that this is a dangerous practice and will recommend that you draft and test changes before updating your file. Take the safe route: You’ll thank you. Your team and customers will thank you.


Even More Widget Updates 

The New Gallery Widget

An incremental improvement to the media changes hatched in WordPress 4.8, you can now add a gallery via this new widget. Yes!

Press a Button, Add Media

Want to add media to your text widget? Embed images, video, and audio directly into the widget along with your text, with our simple but useful Add Media button. Woo!


Site Building Improvements 

More Reliable Theme Switching

When you switch themes, widgets sometimes think they can just move location. Improvements in WordPress 4.9 offer more persistent menu and widget placement when you decide it’s time for a new theme. 

Find and Preview the Perfect Theme

Looking for a new theme for your site? Now, from within the Customizer, you can search, browse, and preview over 2600 themes before deploying changes to your site. What’s more, you can speed your search with filters for subject, features, and layout.

Better Menu Instructions = Less Confusion

Were you confused by the steps to create a new menu? Perhaps no longer! We’ve ironed out the UX for a smoother menu creation process. Newly updated copy will guide you.


Lend a Hand with Gutenberg ?

WordPress is working on a new way to create and control your content and we’d love to have your help. Interested in being an early tester or getting involved with the Gutenberg project? Contribute on GitHub.

(PS: this post was written in Gutenberg!)


Developer Happiness ?

Customizer JS API Improvements

We’ve made numerous improvements to the Customizer JS API in WordPress 4.9, eliminating many pain points. (Hello, default parameters for constructs! Goodbye repeated ID for constructs!) There are also new base control templates, a date/time control, and section/panel/global notifications to name a few. Check out the full list.

CodeMirror available for use in your themes and plugins

We’ve introduced a new code editing library, CodeMirror, for use within core. CodeMirror allows for syntax highlighting, error checking, and validation when creating code writing or editing experiences within your plugins, like CSS or JavaScript include fields.

MediaElement.js upgraded to 4.2.6

WordPress 4.9 includes an upgraded version of MediaElement.js, which removes dependencies on jQuery, improves accessibility, modernizes the UI, and fixes many bugs.

Roles and Capabilities Improvements

New capabilities have been introduced that allow granular management of plugins and translation files. In addition, the site switching process in multisite has been fine-tuned to update the available roles and capabilities in a more reliable and coherent way.


The Squad

This release was led by Mel Choyce and Weston Ruter, with the help of the following fabulous folks. There are 443 contributors with props in this release, with 185 of them contributing for the first time. Pull up some Billy Tipton on your music service of choice, and check out some of their profiles:

Aaron D. Campbell, Aaron Jorbin, abrightclearweb, Achal Jain, achbed, Acme Themes, Adam Silverstein, adammacias, Ahmad Awais, ahmadawais, airesvsg, ajoah, Aki Björklund, akshayvinchurkar, Alain Schlesser, Alex Concha, Alex Dimitrov, Alex Hon, alex27, allancole, Amanda Rush, Andrea Fercia, Andreas Panag, Andrew Nacin, Andrew Ozz, Andrey "Rarst" Savchenko, Andy Meerwaldt, Andy Mercer, Andy Skelton, Aniket Pant, Anil Basnet, Ankit K Gupta, Anthony Hortin, antisilent, Anton Timmermans, apokalyptik, artoliukkonen, Arunas Liuiza, attitude, backermann1978, Bappi, Ben Cole, Bernhard Gronau, Bernhard Kau, binarymoon, Birgir Erlendsson (birgire), BjornW, bobbingwide, boblinthorst, boboudreau, bonger, Boone B. Gorges, Brady Vercher, Brainstorm Force, Brandon Kraft, Brian Hogg, Brian Krogsgard, Bronson Quick, Caroline Moore, Casey Driscoll, Caspie, Chandra Patel, Chaos Engine, cheeserolls, chesio, chetansatasiya, choong, Chouby, chredd, Chris Jean, Chris Marslender, Chris Smith, Chris Van Patten, Chris Wiegman, chriscct7, chriseverson, Christian Chung, Christian Nolen, Christian Wach, Christoph Herr, Clarion Technologies, Claudio Sanches, Claudio Sanches, ClaudioLaBarbera, codemovement.pk, coderkevin, codfish, coreymcollins, Curdin Krummenacher, Curtiss Grymala, Cătălin Dogaru, danhgilmore, Daniel Bachhuber , Daniel Kanchev, Daniel Pietrasik, Daniele Scasciafratte, Daryl L. L. Houston (dllh), Dave Pullig, Dave Romsey (goto10), David A. Kennedy, David Chandra Purnama, David Herrera, David Lingren, David Mosterd, David Shanske, davidbhayes, Davide 'Folletto' Casali, deeptiboddapati, delphinus, deltafactory, Denis de Bernardy, Derek Herman, Derrick Hammer, Derrick Koo, dimchik, Dinesh Chouhan, Dion Hulse, dipeshkakadiya, dmsnell, Dominik Schilling, Dotan Cohen, Doug Wollison, doughamlin, DreamOn11, Drew Jaynes, duncanjbrown, dungengronovius, DylanAuty, Eddie Hurtig, Eduardo Reveles, Edwin Cromley, ElectricFeet, Elio Rivero, Ella Iseulde Van Dorpe, elyobo, enodekciw, enshrined, Eric Andrew Lewis, Eric Lanehart, Evan Herman, Felix Arntz, Fencer04, Florian Brinkmann, Florian TIAR, FolioVision, fomenkoandrey, Francesco Taurino, Frank Klein, Frankie Jarrett, Fred, Fredrik Forsmo, fuscata, Gabriel Maldonado, Garth Mortensen, Gary Jones, Gary Pendergast, Geeky Software, George Stephanis, Goran Šerić, Graham Armfield, Grant Derepas, Gregory Karpinsky (@tivnet), Hardeep Asrani, Helen Hou-Sandí, Henry Wright, hiddenpearls, Hinaloe, Hristo Pandjarov, Hugo Baeta, Iain Poulson, Ian Dunn, Ian Edington, idealien, Ignacio Cruz Moreno, imath, implenton, Ionut Stanciu, Ipstenu (Mika Epstein), ivdimova, J.D. Grimes, Jacob Peattie, Jake Spurlock, James Nylen, jamesacero, Japh, Jared Cobb, jayarjo, jdolan, jdoubleu, Jeff Bowen, Jeff Paul, Jeffrey de Wit, Jeremy Felt, Jeremy Pry, jimt, Jip Moors, jmusal, Joe Dolson, Joe Hoyle, Joe McGill, Joel James, johanmynhardt, John Blackbourn, John Dittmar, John James Jacoby, John P. Bloch, John Regan, johnpgreen, Jon (Kenshino), Jonathan Bardo, Jonathan Brinley, Jonathan Daggerhart, Jonathan Desrosiers, Jonny Harris, jonnyauk, jordesign, JorritSchippers, Joseph Fusco, Josh Eaton, Josh Pollock, joshcummingsdesign, joshkadis, Joy, jrf, JRGould, Juanfra Aldasoro, Juhi Saxena, Junko Nukaga, Justin Busa, Justin Sainton, Justin Shreve, Justin Sternberg, K.Adam White, kacperszurek, Kailey (trepmal), KalenJohnson, Kat Hagan, Keanan Koppenhaver, keesiemeijer, kellbot, Kelly Dwan, Kevin Hagerty, Kirk Wight, kitchin, Kite, kjbenk, Knut Sparhell, koenschipper, kokarn, Konstantin Kovshenin, Konstantin Obenland, Konstantinos Kouratoras, kuchenundkakao, kuldipem, Laurel Fulford, Lee Willis, Leo Baiano, LittleBigThings (Csaba), Lucas Stark, Luke Cavanagh, Luke Gedeon, Luke Pettway, lyubomir_popov, Mário Valney, mageshp, Mahesh Waghmare, Mangesh Parte, Manish Songirkar, mantismamita, Marcel Bootsman, Marin Atanasov, Marius L. J., Mariyan Belchev, Mark Jaquith, Mark Root-Wiley, Mark Uraine, Marko Heijnen, markshep, matrixik, Matt Banks, Matt King, Matt Mullenweg, Matt PeepSo, Matt van Andel, Matt Wiebe, Matthew Haines-Young, mattyrob, Max Cutler, Maxime Culea, Mayo Moriyama, mckernanin, Mel Choyce, mhowell, Michael Arestad, Michael Arestad, michalzuber, Miina Sikk, Mike Auteri, Mike Crantea, Mike Glendinning, Mike Hansen, Mike Little, Mike Schroder, Mike Viele, Milan Dinić, modemlooper, Mohammad Jangda, Mohan Dere, monikarao, morettigeorgiev, Morgan Estes, Morten Rand-Hendriksen, moto hachi ( mt8.biz ), mrbobbybryant, Naim Naimov, Nate Reist, NateWr, nathanrice, Nazgul, Ned Zimmerman, net, Nick Halsey , Nicolas GUILLAUME, Nikhil Chavan, Nikhil Vimal, Nikolay Bachiyski, Nilambar Sharma, noplanman, nullvariable, odie2, odyssey, Okamoto Hidetaka, orvils, oskosk, Otto Kekäläinen, ovann86, Pantip Treerattanapitak (Nok), Pascal Birchler, patilvikasj, Paul Bearne, Paul Wilde, Payton Swick, pdufour, Perdaan, Peter Wilson, phh, php, Piotr Delawski, pippinsplugins, pjgalbraith, pkevan, Pratik, Pressionate, Presskopp, procodewp, Rachel Baker, Rahul Prajapati, Ramanan, Rami Yushuvaev, ramiabraham, ranh, Red Sand Media Group, Riad Benguella, Rian Rietveld, Richard Tape, Robert D Payne, Robert Jolly, Robert Noakes, Rocco Aliberti, Rodrigo Primo, Rommel Castro, Ronald Araújo, Ross Wintle, Roy Sivan, Ryan Kienstra, Ryan McCue, Ryan Plas, Ryan Welcher, Sal Ferrarello, Sami Keijonen, Samir Shah, Samuel Sidler, Sandesh, Sang-Min Yoon, Sanket Parmar, Sarah Gooding, Sayed Taqui, schrapel, Scott Reilly, Scott Taylor, scrappy@hub.org, scribu, seancjones, Sebastian Pisula, Sergey Biryukov, Sergio De Falco, sfpt, shayanys, shazahm1, shprink, simonlampen, skippy, smerriman, snacking, solal, Soren Wrede, Stanimir Stoyanov, Stanko Metodiev, Steph, Steph Wells, Stephanie Leary, Stephen Edgar, Stephen Harris, Steven Word, stevenlinx, Sudar Muthu, Swapnil V. Patil, swapnild, szaqal21, Takahashi Fumiki, Takayuki Miyauchi, Tammie Lister, tapsboy, Taylor Lovett, team, tg29359, tharsheblows, the, themeshaper, thenbrent, thomaswm, Thorsten Frommen, tierra, Tim Nash, Timmy Crawford, Timothy Jacobs, timph, Tkama, tnegri, Tom Auger, Tom J Nowell, tomdxw, Toro_Unit (Hiroshi Urabe), Torsten Landsiedel, transl8or, traversal, Travis Smith, Triet Minh, Trisha Salas, tristangemus, truongwp, tsl143, Ty Carlson, Ulrich, Utkarsh, Valeriu Tihai, Viljami Kuosmanen, Vishal Kakadiya, vortfu, Vrunda Kansara, webbgaraget, WebMan Design | Oliver Juhas, websupporter, William Earnhardt, williampatton, Wolly aka Paolo Valenti, WraithKenny, yale01, Yoav Farhi, Yoga Sukma, Zach Wills, Zack Tollman, Ze Fontainhas, zhildzik, and zsusag.

Finally, thanks to all the community translators who worked on WordPress 4.9. Their efforts bring WordPress 4.9 fully translated to 43 languages at release time, with more on the way.

Do you want to report on WordPress 4.9? We've compiled a press kit featuring information about the release features, and some media assets to help you along.

If you want to follow along or help out, check out Make WordPress and our core development blog.

Thanks for choosing WordPress!

The third release candidate for WordPress 4.9 is now available.

A release candidate (RC) means we think we’re done, but with millions of users and thousands of plugins and themes, it’s possible we’ve missed something. In fact, we did miss some things in RC1 and RC2. This third release candidate was not originally scheduled, but due a number of defects uncovered through your testing of RC2 (thank you!), we are putting out another 4.9 release candidate.

We hope to ship WordPress 4.9 on Tuesday, November 14 (that’s tomorrow) at 23:00 UTC, but we still need your help to get there. If you haven’t tested 4.9 yet, now is the time! If there are additional defects uncovered through testing between now and the release time, we may delay the 4.9 release to the following day.

To test WordPress 4.9, you can use the WordPress Beta Tester plugin or you can download the release candidate here (zip).

We’ve made just over 20 changes since releasing RC2 last week (as we did between RC1 and RC2). For more details about what’s new in version 4.9, check out the Beta 1, Beta 2, Beta 3Beta 4RC1, and RC2 blog posts. A few specific areas to test in RC3:

  • Switching between the Visual and Text tabs of the editor, and the syncing of the cursor between those two tabs.
  • Overriding linting errors in the Customizer’s Additional CSS editor.
  • Adding nav menu items for Custom Links in the Customizer.
  • Scheduling customization drafts (stubbed posts/pages) for publishing in the Customizer.
  • Autosave revisions for changes in the Customizer.
  • About page styling.

Developers, please test your plugins and themes against WordPress 4.9 and update your plugin’s Tested up to version in the readme to 4.9. If you find compatibility problems please be sure to post to the support forums so we can figure those out before the final release — we work hard to avoid breaking things. Please see the summative field guide to the 4.9 developer notes on the core development blog.

Do you speak a language other than English? Help us translate WordPress into more than 100 languages!

If you think you’ve found a bug, you can post to the Alpha/Beta area in the support forums. We’d love to hear from you! If you’re comfortable writing a reproducible bug report, file one on WordPress Trac, where you can also find a list of known bugs.

Didn’t squash them all ?
We want to release Tuesday
New features not bugs ✨

Thanks for your continued help testing out the latest versions of WordPress.

The second release candidate for WordPress 4.9 is now available.

A release candidate (RC) means we think we’re done, but with millions of users and thousands of plugins and themes, it’s possible we’ve missed something. We hope to ship WordPress 4.9 on Tuesday, November 14 (just over one week from now), but we need your help to get there. If you haven’t tested 4.9 yet, now is the time!

To test WordPress 4.9, you can use the WordPress Beta Tester plugin or you can download the release candidate here (zip).

We’ve made just over 20 changes since releasing RC 1 last week. For more details about what’s new in version 4.9, check out the Beta 1, Beta 2, Beta 3Beta 4, and RC1 blog posts. Specific areas to test in RC2:

  • Theme installation in the Customizer.
  • Scheduling changes for publishing in the Customizer.
  • Switching themes with live preview in the Customizer.

Developers, please test your plugins and themes against WordPress 4.9 and update your plugin’s Tested up to version in the readme to 4.9. If you find compatibility problems please be sure to post to the support forums so we can figure those out before the final release — we work hard to avoid breaking things. Please see the summative field guide to the 4.9 developer notes on the core development blog.

Do you speak a language other than English? Help us translate WordPress into more than 100 languages!

If you think you’ve found a bug, you can post to the Alpha/Beta area in the support forums. We’d love to hear from you! If you’re comfortable writing a reproducible bug report, file one on WordPress Trac, where you can also find a list of known bugs.

This week’s haiku is courtesy of @melchoyce:

We squashed all the bugs ?
But uh, if not, let us know
Also, test your stuff

Thanks for your continued help testing out the latest versions of WordPress.