WP-PostRatings 1.61

I have released WP-PostRatings 1.61 which fixes a code injection via “HTTP Referrer” and affects users who are on WP-PostRatings 1.50 only. This is the same code injection fixed for WP-Polls few days back.

I have checked the rest of my plugins to ensure that the code is not in anymore of my plugins. Sorry for any inconvenienced cased.

Similar to WP-Polls, I also took this chance to port the readme.html to the proper readme.txt which WordPress.org is using and now you can see all the details of WP-PostRatings right from the plugins page itself regardless if it is from your WP-Admin or WordPress.org.

All users should upgrade now

Props to Dion Hulse aka dd32 for the report!

Download: WP-PostRatings 1.61

22 thoughts on “WP-PostRatings 1.61

  1. Ankit Sharma

    Why I am not seeing any notification of Plugin Update in any of my WordPress Site’s Admin Panel???
    I m using version 1.50 only.
    Updating manually now.

  2. Pingback: Code Injection Follow Up | Lester Chan’s WordPress Plugins

  3. Pingback: Tweets that mention WP-PostRatings 1.61 | Lester Chan’s WordPress Plugins -- Topsy.com

  4. Steve Smith

    Is there any way to seed the ratings? We are moving away from an old rating system to yours (great word press plugin, btw) and want to transfer the old stats, if possible. Sorry if you’ve already answered this on the blog or in the docs, I just couldn’t find it.


  5. eighthsin

    Why does it no longer register .png image files? I have created a new folder with customised ratings in .png format and they do not show up. The .gif ones have white borders around them which I dont want.

  6. karkung

    My site wordpress 3.1 and WP-PostRatings 1.61 it can to use. But i using WP-PostRatings 1.61 + WP Super Cache can not work on mouse over rating….

  7. Javier Reynaldo

    There still appears to be some sort of injection/exploit going on with WP Polls. We are currently experiencing a problem with spam links being inserted into the footer of our homepage and we have isolated the problem to the WP Polls plugin. We are using the latest version of your plugin: 2.6.1

  8. Lester Chan Post author

    Drop me an email (lesterchan AT gmail) with more details and how you narrow down/reproduce it is WP-Polls problem. If I can reproduce it on my end, I will fix it.

  9. Lester Chan Post author

    Create a file name called .htaccess to “wp-content/plugins/wp-postratings/” with the content:

    < Files postratings-admin-ajax.php >
    order allow,deny
    deny from all
    < /Files >

    Remember to remove the spaces since I can’t embed code properly without a plugin.

    You can’t add no-follow to that page since it is not a HTML page at all. I have no idea why Google is indexing that page.

  10. Gavin

    Hi Lester,

    Many thanks for providing this great plugin.

    I was wondering, where in the code would one go about implementing an email notification when someone rates a post? The body would say something like:

    “User with IP [ip-num] just rated post at [post-url] with value [rating-value]. Average rating now stands at [average-rating]!”

    I guess this would be a relatively minor tweak and maybe something you could add to a future release?

  11. Gavin

    Actually, please ignore my idea – the logs under “Manage ratings” are sufficient! Nice work.

  12. Jimario

    Hi Lester, great plugin. It works fine EXCEPT for some reason the plugin is only allowing one rating per post. I have the ratings tied to product posts and if I rate a product that hasn’t already been rated, no one else is able to rate that same product. Is there a way I can fix that? I’d like for all visitors to be able to rate any products even if someone else has already rated them. That way I can start building stats on which product(s) are the most popular. If anyone else had this problem and fixed it feel free to jump in. Thanks.

  13. egamerhdk

    Any chance that there will be an update to let people update/change their vote? I’ve gotten a couple of people asking me to change their rating for them. Best I can do is delete the rating and tell them to rate it again.

  14. Hermann

    Hi Lester – and everyone for that matter :)
    After I upgraded WP to Version 3.2.1, I can’t access PostRatings’ Settings any longer. Now I always receive “You do not have sufficient permissions to access this page.”

    Please, anyone, drop me a line if you have any ideas at all.
    Am running 15+ sites, all experiencing this problem.
    Best regards,
    – Hermann

Comments are closed.