WP-Polls 2.20 RC1

I am proud to release WP-Polls 2.20 RC1, a lot of work and effort have been put into it and it is now ready to be tested. If there is no bugs reported before 1st June 2007, this will be the final release.

Changelog since WP-Polls 2.14:

  • NEW: Poll Archive Link, Individual Poll Header And Footer In Poll Archive Template
  • NEW: Poll Templates Has Now Its Own Page ‘WP-Admin -> Polls -> Poll Templates’
  • NEW: Poll Widget Can Now Display Multiple Polls
  • NEW: Ability To Allow User To Select More Than 1 Poll Answer
  • NEW: Added AJAX Style Option: “Show Loading Image With Text”
  • NEW: Added AJAX Style Option: “Show Fading In And Fading Out Of Polls”
  • NEW: Major Changes To The Administration Panel For WP-Polls
  • NEW: AJAX Added To The Administration Panel For WP-Polls
  • NEW: Default Poll’s Result Template Will Now Show Number Of Votes Beside The Percentage
  • NEW: Term “Total Votes” Changed To “Total Voters”. Refer To Here
  • NEW: Removed Polls From Feed If The Poll Is Embedded Into The Post Using [ poll=ID ]
  • NEW: Filtering Of Individual Poll Logs
  • FIXED: Poll Archive Will Now Show Only Polls Results

As usual, if there is any bugs, PLEASE POST IT IN THE SUPPORT FORUMS and not in the comments. Thank you.

*UPDATE*
» WP-Polls 2.20

1 Star2 Stars3 Stars4 Stars5 Stars (58 votes, average: 3.90 out of 5)

WordPress 4.0.1 Released

WordPress 4.0.1 has been released today and it is a important security release. So please update your WordPress site as soon as possible.

WordPress 4.0.1 is now available. This is a critical security release for all previous versions and we strongly encourage you to update your sites immediately.

Sites that support automatic background updates will be updated to WordPress 4.0.1 within the next few hours. If you are still on WordPress 3.9.2, 3.8.4, or 3.7.4, you will be updated to 3.9.3, 3.8.5, or 3.7.5 to keep everything secure. (We don’t support older versions, so please update to 4.0.1 for the latest and greatest.)

WordPress versions 3.9.2 and earlier are affected by a critical cross-site scripting vulnerability, which could enable anonymous users to compromise a site. This was reported by Jouko Pynnonen. This issue does not affect version 4.0, but version 4.0.1 does address these eight security issues:

  • Three cross-site scripting issues that a contributor or author could use to compromise a site. Discovered by Jon Cave, Robert Chapin, and John Blackbourn of the WordPress security team.
  • A cross-site request forgery that could be used to trick a user into changing their password.
  • An issue that could lead to a denial of service when passwords are checked. Reported by Javier Nieto Arevalo and Andres Rojas Guerrero.
  • Additional protections for server-side request forgery attacks when WordPress makes HTTP requests. Reported by Ben Bidner (vortfu).
  • An extremely unlikely hash collision could allow a user’s account to be compromised, that also required that they haven’t logged in since 2008 (I wish I were kidding). Reported by David Anderson.
  • WordPress now invalidates the links in a password reset email if the user remembers their password, logs in, and changes their email address. Reported separately by Momen Bassel, Tanoy Bose, and Bojan Slavkovi? of ManageWP.

Version 4.0.1 also fixes 23 bugs with 4.0, and we’ve made two hardening changes, including better validation of EXIF data we are extracting from uploaded photos. Reported by Chris Andrè Dale.

Download: WordPress 4.0.1

1 Star2 Stars3 Stars4 Stars5 Stars (51 votes, average: 3.90 out of 5)

Donations

Hi guys,

If you really like those plugins that I have created for WordPress and enjoy the fast support that I have given you whether it is through forums or email, perhaps you can consider dropping some donations to me =D

My Paypal email is gamerz84@hotmail.com, and my account now can accept credit card payment =D

Thank you so much =)

1 Star2 Stars3 Stars4 Stars5 Stars (604 votes, average: 3.89 out of 5)

WordPress 2.8.5

WordPress 2.8.5 has been released. This release makes your WordPress even more secure:

  • A fix for the Trackback Denial-of-Service attack that is currently being seen.
  • Removal of areas within the code where php code in variables was evaluated.
  • Switched the file upload functionality to be whitelisted for all users including Admins.
  • Retiring of the two importers of Tag data from old plugins.

Changelog: WordPress 2.8.5
Download: WordPress 2.8.5
Download: Modified files since WordPress 2.8.4

1 Star2 Stars3 Stars4 Stars5 Stars (256 votes, average: 3.89 out of 5)

WP-DBManager 2.62

I have released WP-DBManager 2.62.

  • Added Auto Repair functionality via WP Cron, similar to the current implementation of Backing Up & Optimizing DB
  • Added nonce to all forms for added security
  • Replace get_bloginfo('name') with get_option('blogname') and make it goes through wp_specialchars_decode()
  • Ported the readme.html to readme.txt

Finally, Props to Joakim Jardenberg, Jonas Nordström and Andreas Viklund for finding and reporting the previous security vulnerability.

Download: WP-DBManager 2.62

1 Star2 Stars3 Stars4 Stars5 Stars (192 votes, average: 3.89 out of 5)