WordPress 3.0.4

WordPress 3.0.4 has been released and it a critical update as it fixes an XSS vulnerability.

It is a very important update to apply to your sites as soon as possible because it fixes a core security bug in our HTML sanitation library, called KSES. I would rate this release as critical.
I realize an update during the holidays is no fun, but this one is worth putting down the eggnog for. In the spirit of the holidays, consider helping your friends as well.

If you are a security researcher, we’d appreciate you taking a look over this changeset as well to review our update. We’ve given it a lot of thought and review but since this is so core we want as many brains on it as possible. Thanks to Mauro Gentile and Jon Cave (duck_) who discovered and alerted us to these XSS vulnerabilities first.

Changelog: WordPress 3.0.4
Download: WordPress 3.0.4
Download: Modified files since WordPress 3.0.3

1 Star2 Stars3 Stars4 Stars5 Stars (144 votes, average: 3.72 out of 5)

WP-Polls 2.20 Logs

Someone mentioned in the forums that since WP-Polls 2.20 allows users to vote for multiple answers, it make sense to revamp the whole logging part of WP-Polls and to allow administrator better understand his site’s voters preference.

I have since done so but it is still in a planning stages, comments and ideas are all welcomed. Here is a screenshot to get my point across.

I have removed the poll’s log from the Edit Poll and move it to its own page called log. There will be paging in the log page for sure.

There are 3 main ways you can filter the logs.

1. You can choose to display all the users that voted for a certain answers in a poll and you can choose what type voters you want to display.

2. View the answer voted by registered users or comment authors. It will not support guests.

3. You can choose to display the users who voted for more than 2 answers and what they voted for. This option is only available if the poll supports multiple answers.

Registered Users – It means the user is registered with your WordPress blog.
Comment Authors – Visitors who posted comments in your blog before and hence we are able to get his name/nickname via the cookies. 2 comment authors may share the same name, so it is not 100% accurate.
Guests – Self explanatory

1 Star2 Stars3 Stars4 Stars5 Stars (101 votes, average: 3.72 out of 5)

WordPress 2.5 Thoughts

As we are getting nearer and nearer towards WordPress 2.5 release date on 10th March 2008, at the same time, my school work is also piling up.

I am looking forward to the redesigned administration backend. All my plugins should work just fine for WordPress 2.5. The only change at the moment that I need to make is to my WP-Sticky to make use of the add_meta_box() instead of the DBX box.

Here are some links related to WordPress 2.5:

1 Star2 Stars3 Stars4 Stars5 Stars (90 votes, average: 3.72 out of 5)

WordPress 4.6 Released

WordPress 4.6 has been released.


What’s New

  • Streamlined Updates – Don’t lose your place: stay on the same page while you update, install, and delete your plugins and themes.
  • Native Fonts – The WordPress dashboard now takes advantage of the fonts you already have, making it load faster and letting you feel more at home on whatever device you use.
  • Inline Link Checker – Ever accidentally made a link to https://wordpress.org/example.org? Now WordPress automatically checks to make sure you didn’t.
  • Content Recovery – As you type, WordPress saves your content to the browser. Recovering saved content is even easier with WordPress 4.6.
  • Resource Hints- Resource hints help browsers decide which resources to fetch and preprocess. WordPress 4.6 adds them automatically for your styles and scripts making your site even faster
  • Robust Requests – The HTTP API now leverages the Requests library, improving HTTP standard support and adding case-insensitive headers, parallel HTTP requests, and support for Internationalized Domain Names.
  • WP_Term_Query and WP_Post_Type – A new WP_Term_Query class adds flexibility to query term information while a new WP_Post_Type object makes interacting with post types more predictable.
  • Meta Registration API – The Meta Registration API has been expanded to support types, descriptions, and REST API visibility.
  • Translations On Demand – WordPress will install and use the newest language packs for your plugins and themes as soon as they’re available from WordPress.org’s community of translators.
  • JavaScript Library Updates – Masonry 3.3.2, imagesLoaded 3.2.0, MediaElement.js 2.22.0, TinyMCE 4.4.1, and Backbone.js 1.3.3 are bundled.
  • Customizer APIs for Setting Validation and Notifications – Settings now have an API for enforcing validation constraints. Likewise, customizer controls now support notifications, which are used to display validation errors instead of failing silently.
  • Multisite, now faster than ever – Cached and comprehensive site queries improve your network admin experience. The addition of WP_Site_Query and WP_Network_Query help craft advanced queries with less effort.

Download: WordPress 4.6

1 Star2 Stars3 Stars4 Stars5 Stars (78 votes, average: 3.72 out of 5)