This Week in WordPress: 4.2 Released and Another Security Scare

This Week in WordPress: 4.2 Released and Another Security Scare

This week’s round-up of WordPress news, views and reviews summarized in our daily email newsletter, The WhiP.

Subscribe to The Whip for daily lashings of WordPress goodness.

Friday, April 24

Bouncing With Bud

(WordPress News)

WordPress 4.2 is here. Named “Powell” after jazz pianist Bud Powell, this release – as we already know – features a new and improved Press This, emojis galore, the ability to switch themes in the theme customizer, more embed options (Twitter, Kickstarter), and a bunch of under-the-hood improvement. Hats off to release lead Drew Jaynes and all 283 of the awesome contributors who worked on this version.

Meanwhile, some sites automatically updated to WordPress 4.1.3. WP Tavern explains why.

Drew Jaynes talks about what it’s like to lead a WordPress development cycle on the latest episode of the WPWeekly podcast.

And another major release: Jetpack 3.5 introduces menu management on



Why you should have the latest version of WordPress. Really, it’s a no-brainer.

Taylor Swift Security

(Themes and Plugins)

WP Explorers looks at some great options for A/B split testing, including AB Press Optimizer and Convert This.

Bulletproof your WordPress site with Swift Security. WP Mayor looks at the plugin in-depth.


(Tutorials, Tips, and Tricks)

Releasing Plugin Updates and Handling Security Vulnerabilities (WebDevStudios).

Implementing An Interface For The WordPress Settings API (Part 3) (Tom McFarlin).

How to Achieve Email Marketing Automation Using Autoresponders (Elegant Themes).

7 Lessons I Wish I Knew Before Building My First Online Business (WooThemes).

Effective ECommerce Promotions: How To Create Coupon Codes With WooCommerce (Pagely).

Go Home

(Off-Topic, Random Stuff)

No, you’re not drunk, it’s just Times New Ramen.YouTube has turned 10. Here’s some of the best YouTube moments from the past 10 years.

All the best for a thoughtful and productive Friday and an awesome weekend.

Monday, April 27

Insider Info

(WordPress News)

What does it take to get a job at the world’s biggest WordPress company? Automattic creative director Dave Martin has published his five-step remote hiring process. Jeff Chandler at WP Tavern talks to tech professional Bianca Welds about the developing WordPress scene in Jamaica.

The folks at SpinPress recap the inspiring talks and fun times at the recent WordCamp Vienna.

On the latest episode of DradCast, WP Site Care founder Ryan Sullivan joins the guys to talk about the new version of WordPress that’s just been released. has relaunched and is now free. Developer Nick Haskins launched the service earlier this year as a hosted storytelling platform that offers all the features of his Aesop Story Engine.

What Not to Do


If you’re a designer with limited technical knowledge working in WordPress, Flywheel offers some advice on what not to do when you’re in over your head with WordPress.

The folks at Torque give their first impressions of WordPress 4.2.

Elegant Themes takes a look at the most hilariously terrible websites from around the web, including Ling’s Cars (which could also be the best website ever).

Press This

(Themes and Plugins)

First up for this section, on our blog here are 10 beautiful landing pages and the plugins they were built with.

WP Solver explains how to get started with Elegant Themes’ Monarch social sharing plugin.

Press This New Post is a new plugin that gives you quick access to the Press This posting form from the “+ New” drop-down in the WordPress 4.2 toolbar.

And here’s how to customize the WordPress text editor to look and function like the front-end of your site.

Cloak and Dagger

(Tutorials, Tips, and Tricks)

How to Cloak Your Links to Protect Your WordPress Site’s Revenue (WPMU DEV).

The 3 Keys to Creating Viral Content (Elegant Themes).

Inheritance With The WordPress Settings API (Tom McFarlin).

The Importance And Benefit of Double Opt-in Email Marketing (Elegant Themes).

Disabling Unwanted WordPress Widgets (SpinPress).

Epic Win

(Off-Topic, Random Stuff)

From near failure to a $1.5 billion sale: The epic story of

All the best for a thoughtful and productive Monday.

Tuesday, April 28

Under Pressure

(WordPress News)

Another day, another WordPress security scare. This time, the Zero Day XSS vulnerability allows hackers to inject JavaScript into comments. The core security team released a patch pretty quickly, while managed hosts have moved to reassure customers their sites are in safe hands. As usual, the best course of action is to keep your WordPress install up-to-date. While we’re on the topic of security… “The core WordPress software is quite secure. It’s the themes, plugins, and hosting which can lead to security issues. The best plugins, themes, and hosting handle security issues fast, as we’ve seen this week. Clients usually have problems only when they don’t keep their site up to date.” Cloudways’ latest Q&A features myWPExpert founder and developer Brandon Yanofsky.



Do the free themes at need changelogs? Theme Review Team member Jose Castaneda has posted a proposal to add change logs to themes hosted on In response, WP Tavern is running a poll on how often people read plugin changelog’s before updating.

iThemes offers some advice on how and why to boost your freelance rates.

And if you’re not offering this as a WordPress freelancer, you’re leaving money on the table (Spoiler: a WordPress check-up package).

Golden Years

(Themes and Plugins)

At WPMU DEV, we’ve added WooCommerce integration to our awesome CoursePress LMS plugin. Did I mention how awesome CoursePress is?

On the Pippins Plugins site, the free Caldera Form plugin gets a five-star review.

Brixton is a new clean and minimal blog theme. WP Lift is giving away the theme in its latest promotion.

The MOJO Themes marketpress is celebrating its fifth birthday with a 12 themes for $29 bundle.

And here are 10 gamification plugins to help get users excited about using your site.

Absolute Beginners

(Tutorials, Tips, and Tricks)

The Deal with WordPress Transients (CSS Tricks).

Data in The WordPress Settings API (Part 5) (Tom McFarlin).

Using Gulp for WordPress Automation (tuts+).

The WordPress JSON Rest API (WP API): What It Is, How it Works, & What It Means For The Future of WordPress (Elegant Themes). (Brownie points for the longest title ever!)

WordPress Security: 13 Steps to Make Your Website Bulletproof (Torque).

Ashes to Ashes

(Off-Topic, Random Stuff)

This is what happens to your website after you die. Lastly, here are 15 free eBooks for designers and developers over at Hongkiat.

All the best for a really great Tuesday.

Wednesday, April 29

Eat My Dust

(WordPress News)

With the dust barely settled on WordPress 4.2, work on WordPress 4.3 has already begun. The next version will be all about touch… Touching small screen devices, that is. The next release is due out on August 18. WP REST API 2.0 Beta 1 is out. The release has been named after Ralph Wiggum from The Simpson’s. It’s important to note 2.0 isn’t backwards or forwards compatible.

The folks behind the Redux and Kirki frameworks are joining forces to better support developers required to use the WordPress Customizer. Redux, which is built on the WordPress Settings API, is one of the most widely used options frameworks for themes and plugins, while Kirki makes it easy to style the customizer to be a more natural extension of your theme. has launched a WordPress Events Hub, which displays WordCamps, Meetups, and other WordPress events on the same page using a map overlay.

Tidy Repo is now an open-source project. The site offers a curated list of the best and most functional plugins from the directory and around the web.

Lastly, WebDevStudios is giving away a copy of Professional WordPress.

Be Awesome at Something


How to run a successful WordPress blog and the tools to help you do it, on the WPMU DEV Blog.

“If I had to do it again, the only thing I’d change would be to blog more often, and have an email subscription option from day one! It takes years to build an audience. The sooner you start, the better.” Ghost founder John O’Nolan offers his tips on how to grow a successful design career through blogging.

OSTraining believes emoji are the most important WordPress feature in years.

Instead of a Q&A, WP Engine will interview Minneapolis-based developer Toby Cryns live this week on Google Hangouts as part of the web host’s Finely Tuned Consultant series. Toby’s recent talk at WordCamp Minneapolis was entitled, “Be Awesome at Something.”

WP Engine is also offering a free eBook on the four Ss of managed WordPress hosting (TL;DR: security, scalability, speed, and service).

Snazzy Pizzazz

(Themes and Plugins)

Developer Anas Sulaiman, who created a series of popular Jetpack module alternatives, is retiring the plugins at the end of June.

Scrawl is a new, free monochromatic theme designed by Automattic’s Caroline Moore. It comes with bold feature images, “snazzy image captions, and pull-quote styles add pizzazz to your text.”

A new Easy Digital Downloads starter package is available with a 30% off discount through a promotion at WP Mayor.

WP Kube gives PTEngine a thumbs up in its latest review. The plugin provides user-friendly analytics and website heat mapping.

Dolly the Sheep

(Tutorials, Tips, and Tricks)

Organizing Files For The WordPress Settings API (Tom McFarlin).

How To Create Your Own Social Network With WordPress (Elegant Themes).

Create a Simple CRM in WordPress: Using Custom Capabilities (tuts+).

Getting WordPress Term Results that are Relative to a Different Taxonomy(CSS Tricks).

Get Comfortable

(Off-Topic, Random Stuff)

Apparently, using Times New Roman is the typeface equivalent of wearing sweatpants to an interview. Here are the best and worst fonts to use on your resume. And we’ll leave you on a happy note: This is what it looks like to have no friends.

All the best for a really great Wednesday.

Thursday, April 30

Up Their Game

(WordPress News)

Only 24% of themes hosted at support the theme customizer. The take-up rate is pretty slow, considering the customer was introduced three years ago, though developers will have to up their game as all themes submitted to the repository now have to use the customizer to build theme options.

Postmatic has officially launched its email-based commenting service. The free plugin aims to increase comment engagement by allowing readers to subscribe to new posts/comments via email and leave comments by simply hitting reply, according to WP Tavern. There’s also a premium version with extra features for $9 a month.

“My experience has been that WordPress users and developers are extremely willing to give back to the WordPress community. I believe that sense of giving naturally bleeds over into giving back to their communities at large.” OSTraining talks to Chattanooga-based WordPress developer Beau Moffatt about rundown cities reinventing themselves with technology.

Like All Minions


“But like all minions, I wanted money for hobbies, so I got a job as a tech consultant at a bank. Disclosure? I had no idea what I was doing. I bluffed my way through that interview (sorry, Charlotte) and guessed my whole first month. And I stayed there for about fifteen years because while the job was boring at best, I had enough money to do (mostly) what I wanted in my free time.” WordPress support maven Mika Epstein writes about how WordPress has changed her life (brace yourself for warm and fuzzy feelings). The HeroPress site is publishing essays by people who have “overcome barriers which previously kept them on the periphery.”

Here’s a look at the top web design companies working in the WordPress space.

Torque talks to Turkish developer and tuts+ author Barış Ünver about censorship in Turkey and how it affects his work.

If Postmatic needed any more of an endorsement, developer Tom McFarlin writes about why he has been using it on his blog for months now.

Winter Layers

(Themes and Plugins)

Did you know ThemeForest is the official source of themes and extensions for the Layers drag and drop theme builder?

WP Kube has an overview of WPHelpDesk, a plugin that provides email-based customer support for organized teams.

Baby, You Can Drive My Car

(Tutorials, Tips, and Tricks)

The Complete Guide to WordPress Plugin Maintenance (WPMU DEV).

How to Drive More Traffic to Your WordPress Site (WP Explorer).

Revive and Promote Old WordPress Posts With These 10 Plugins (WPMU DEV).

How To Fix The “Error Establishing A Database Connection In WordPress” (Cloudways).

Surf’s Up

(Off-Topic, Random Stuff)

Leave the office and hit the beach with this new business suit you can surf in. If you get home on a Friday night and crash, here’s how you can use calendar and email alerts to make life a little better.

All the best for a thoughtful and productive Thursday.