Lester Chan's WordPress Plugins Development Blog
WP-DBManager 2.61 has been released and it fixes a security vulnerability which will allow user to download your wp-config.php. If you do not use the default backup folder path, you are not affected by this.
However, most users are affected and it is recommended that you upgrade WP-DBManager to 2.61.
WP-DBManager 2.62 will be out on Tuesday with added nonce security and auto-repair functionality.
Sorry for any inconvenience caused.
Download: WP-DBManager 2.61
(113 votes, average: 3.85 out of 5)If you look on the right, those items on the sidebar all called widgets. I find them kinda cool and hence I have created widgets for WP-Polls, WP-UserOnline and WP-Stats.
New version of WP-UserOnline and WP-Stats will be coming out on 1st July 2006. Any plugins used on this site are all the latest builds.
(276 votes, average: 3.84 out of 5)WordPress 3.1.4 & 3.2 RC3 has been released.
WordPress 3.1.4
WordPress 3.1.4 is available now and is a maintenance and security update for all previous versions.
This release fixes an issue that could allow a malicious Editor-level user to gain further access to the site. Thanks K. Gudinavicius of SEC Consult for bringing this to our attention. Version 3.1.4 also incorporates several other security fixes and hardening measures thanks to the work of WordPress developers Alexander Concha and Jon Cave of our security team. Consult the change log for more details.
Changelog: WordPress 3.1.4
Download: WordPress 3.1.4
Download: Modified files since WordPress 3.1.3
WordPress 3.2 RC3
This release was about all that stood in the way of a final release of WordPress 3.2. So we’re also announcing the third release candidate for 3.2, which contains all of the fixes in 3.1.4; few minor RTL, JavaScript, and user interface fixes; and ensures graceful failures if 3.2 is run on PHP4. As a reminder, we’ve bumped our minimum requirements for version 3.2 to PHP 5.2.4 and MySQL 5.0.
Download: WordPress 3.2 RC3
(103 votes, average: 3.84 out of 5)I am ranked among the Top 10 WordPress Plugins Developers. I am ranked 3rd to be precise based on the number of downloads for all my 17 plugins hosted on the official WordPress Plugins repository.
Source: W-Shadow.com’s Blog: Top 10 WordPress Plugin Developers
(49 votes, average: 3.84 out of 5)WordPress 3.9.2 has been released and it is a security release and hence it is recommended that you update your site immediately.
This release fixes a possible denial of service issue in PHP’s XML processing, reported by Nir Goldshlager of the Salesforce.com Product Security Team. It was fixed by Michael Adams and Andrew Nacin of the WordPress security team and David Rothstein of the Drupal security team. This is the first time our two projects have coordinated on joint security releases.
WordPress 3.9.2 also contains other security changes:
- Fixes a possible but unlikely code execution when processing widgets (WordPress is not affected by default), discovered by Alex Concha of the WordPress security team.
- Prevents information disclosure via XML entity attacks in the external GetID3 library, reported by Ivan Novikov of ONSec.
- Adds protections against brute attacks against CSRF tokens, reported by David Tomaschik of the Google Security Team.
- Contains some additional security hardening, like preventing cross-site scripting that could be triggered only by administrators.
We appreciated responsible disclosure of these issues directly to our security team. For more information, see the release notes or consult the list of changes.
Download WordPress 3.9.2 now or go to Dashboard -> Updates and click “Update Now”.
(43 votes, average: 3.84 out of 5)