The number one reason people give us for not upgrading to the latest version of WordPress is fear that their plugins won’t be compatible. As part of our continuing efforts to make WordPress core, plugin, and theme upgrades as painless as possible, Michael Adams developed and launched a beta of a new “Compatibility” feature in the plugin directory, powered by your votes. When viewing a plugin in the directory, select a WordPress version and a plugin version from the drop-downs. If there has been feedback about this WordPress / plugin version combination, we’ll show you what percentage of responses marked that combination as compatible vs how many marked it as incompatible.

If you log in, you’ll be able to help us gather this information! Just select a WordPress version / plugin version combination and click the “Works” or the “Broken” button. Please note that this shouldn’t be used to report minor issues with a plugin. You should mark a plugin as “Broken” only if its core functionality is truly broken when run on the specified WordPress version.

Right now we’re just in information gathering mode. So get out there and vote! Don’t just vote on broken plugins… cast a “Works” vote for every plugin that works on the version of WordPress you are using. This can help improve the signal-to-noise ratio in our data and prevent a few mistaken “Broken” votes from weighing too heavily.

For developers, we’re now including this data in our API. The plugin_information action now returns a “compatibility” member with the multidimensional array format:

array( {WP version} => array( {plugin version} => array( {% of reporters who say it works}, {# responses} ) ) )

If the API knows which version of WordPress you are using (for example, if you are making this query using the plugins_api() function from with WordPress), the API will only return compatibility information for your version of WordPress.

Eventually, we’d like to gather this compatibility feedback from within WordPress, allowing you to vote directly from your plugins admin screen. The ultimate goal is to use this information to inform you of plugin incompatibilities with a new version of WordPress during the upgrade process. For that to be useful we need a large set of high quality compatibility data. Start voting!

As you know over the past couple of months we have been working on the new features for WordPress 2.9. We have also been working on trying to make WordPress as secure as possible and during this process we have identified a number of security hardening changes that we thought were worth back-porting to the 2.8 branch so as to get these improvements out there and make all your sites as secure as possible.

The headline changes in this release are:

• A fix for the Trackback Denial-of-Service attack that is currently being seen.
• Removal of areas within the code where php code in variables was evaluated.
• Switched the file upload functionality to be whitelisted for all users including Admins.
• Retiring of the two importers of Tag data from old plugins.

We would recommend that all sites are upgraded to this new version of WordPress to ensure that you have the best available protection.

If you think your site may have been hit by one of the recent exploits and you would like to make sure that you have cleared out all traces of the exploit then we would recommend that you take a look at the WordPress Exploit Scanner.  This is a plugin which searches the files on your website, and the posts and comments tables of your database for anything suspicious. It also examines your list of active plugins for unusual filenames.  You can read more about this plugin here – “WordPress Exploit Scanner“

We have been hard at work now for a few months on the new features that will be coming in WordPress 2.9, and we are near the time when the first beta version will be available. We’ll need your help with beta testing the new features and ironing out any bugs.

There are a number of different ways in which you can get involved in the testing process, and each way is suited for each persons skill set and comfort level.  First of all, you can join the wp-testers mailing list to keep up to date with the testing progress and to discuss things with the other testers.  Secondly, you can head over to the Trac ticketing system and either create tickets for bugs you find or use some of the useful searches to look for patches that need testing or that need someone to try and reproduce the issue.

During the beta phase we are going to focus on stabilizing the new features and removing existing bugs which are well-understood and have easily testable solutions.  During this process we will not be adding any new enhancements so as to ensure that the focus is on making the 2.9 release as bug-free as possible.  We will also try and have a few special bug hunt days where one or more experienced WordPress developers will be available to help people track down issues and get patches committed to fix bugs.

To make is as easy as possible for you to get a beta testing install up and running we have put together a small WordPress plugin which makes it really easy to convert a test install of the latest release version of WordPress into a beta test install of the next up and coming release.  The plugin is called WordPress Beta Tester and is available to download from WordPress Extend or can be installed using the built-in plugin installer.  Please make sure you to only install this plugin on a test site. We do not recommend running beta versions on your normal, live sites in case anything goes wrong.  You can read more about the plugin in “Making it easy to be a WordPress Tester”

We are aiming to release the first beta version of 2.9 around the end of October, after we have put the finishing touches on the new features. Then we switch to full on beta testing mode and your help and feedback will be very much appreciated.  During the beta test program will push out new builds for automated upgrades regularly. Once we feel that a suitable level of stability has been achieved we will move into the release candidate phase. We hope to be able to make the final release 2.9 build available in either late November or early December.