WP-DBManager 2.61

WP-DBManager 2.61 has been released and it fixes a security vulnerability which will allow user to download your wp-config.php. If you do not use the default backup folder path, you are not affected by this.

However, most users are affected and it is recommended that you upgrade WP-DBManager to 2.61.

WP-DBManager 2.62 will be out on Tuesday with added nonce security and auto-repair functionality.

Sorry for any inconvenience caused.

Download: WP-DBManager 2.61

1 Star2 Stars3 Stars4 Stars5 Stars (111 votes, average: 3.87 out of 5)

WP-ShowHide 1.00

I have created a new plugin, WP-ShowHide. It is a simple plugin (83 lines of codes including comments) with no configuration screen needed.

This new plugin came about when Hisham tweeted me about whether there is a “Show/Hide Press Release” WordPress plugin like what Engadget does when posting a Press Release.

I can’t seem to find it and decided to code one myself using WordPress ShortCode API. I made the plugin more generic rather than focusing on Press Releases, so you can have multiple Show/Hide content within a post.

I tested it on WordPress 3.1.1 but technically it should work with any version higher than WordPress 2.5 because ShortCode was introduced in WordPress 2.5.

WP-ShowHide Description

Allows you to embed content within your blog post via WordPress ShortCode API and toggling the visibility of the cotent via a link. By default the content is hidden and user will have to click on the “Show Content” link to toggle it. Similar to what Engadget is doing for their press releases.

Example usage: [ showhide type="pressrelease" ]Press Release goes in here.[ /showhide ] (Remove the spaces before and after the square brackets [].)

Download: WP-ShowHide 1.00
Documentation: WP-ShowHide

Demostration/Example Usage
Remove the spaces before and after the square brackets [].

Tag: [ showhide ][ /showhide ]

Tag: [ showhide type="links" more_text="Show Links (%s More Words)" less_text="Hide Links (%s More Words)" ][ /showhide ]

Tag: [ showhide type="visibility" hidden="no" more_text="Show Visibility Content (%s More Words)" less_text="Hide Visibility Content (%s More Words)" ][ /showhide ]


The visibility of this content is set to display by default instead of hidden.

1 Star2 Stars3 Stars4 Stars5 Stars (75 votes, average: 4.19 out of 5)

WP-PostRatings 1.61

I have released WP-PostRatings 1.61 which fixes a code injection via “HTTP Referrer” and affects users who are on WP-PostRatings 1.50 only. This is the same code injection fixed for WP-Polls few days back.

I have checked the rest of my plugins to ensure that the code is not in anymore of my plugins. Sorry for any inconvenienced cased.

Similar to WP-Polls, I also took this chance to port the readme.html to the proper readme.txt which WordPress.org is using and now you can see all the details of WP-PostRatings right from the plugins page itself regardless if it is from your WP-Admin or WordPress.org.

All users should upgrade now

Props to Dion Hulse aka dd32 for the report!

Download: WP-PostRatings 1.61

1 Star2 Stars3 Stars4 Stars5 Stars (256 votes, average: 4.01 out of 5)

WP-Polls 2.61

I have released WP-Polls 2.61 which fixes a code injection via “HTTP Referrer” and affects users who are on WP-Polls 2.60 only.

I also took this chance to port the readme.html to the proper readme.txt which WordPress.org is using and now you can see all the details of WP-Polls right from the plugins page itself regardless if it is from your WP-Admin or WordPress.org.

All users should upgrade now

Vulnerability discovered by + Props to:

Dweeks, Leon Juranic and Chad Lavoie of the Swiftwill Security Team (www.swiftwill.com)

Download: WP-Polls 2.61

1 Star2 Stars3 Stars4 Stars5 Stars (95 votes, average: 3.96 out of 5)