WordPress 2.6.5

WordPress 2.6.5 has been released. This release fixes a security problem as well as 3 other minor fixes.

he security issue is an XSS exploit discovered by Jeremias Reith that fortunately only affects IP-based virtual servers running on Apache 2.x. If you are interested only in the security fix, copy wp-includes/feed.php and wp-includes/version.php from the 2.6.5 release package.

2.6.5 contains three other small fixes in addition to the XSS fix. The first prevents accidentally saving post meta information to a revision. The second prevents XML-RPC from fetching incorrect post types. The third adds some user ID sanitization during bulk delete requests. For a list of changed files, consult the full changeset between 2.6.3 and 2.6.5.

Note that we are skipping version 2.6.4 and jumping from 2.6.3 to 2.6.5 to avoid confusion with a fake 2.6.4 release that made the rounds. There is not and never will be a version 2.6.4.

5 files have been changed:

  1. /wp-admin/users.php
  2. /wp-includes/feed.php
  3. /wp-includes/post.php
  4. /wp-includes/version.php
  5. xmlrpc.php

You can just download this 5 files and upload it to your server

1 Star2 Stars3 Stars4 Stars5 Stars (35 votes, average: 3.09 out of 5)

My WordPress Plugins Screenshots

I have finally took some time off to update my WordPress plugins screenshot page. There used to be screenshots for only WP-Ban and WP-Polls. But now, all my plugins screenshots are all there, all 14 of them. Some plugins like WP-Ban, WP-DBManager and WP-ServerInfo can’t be shown in this demo site as it is for administrators only, but now with the screenshots, you can get a glimpse of it before you download the plugin.

» My WordPress Plugins Screenshots

1 Star2 Stars3 Stars4 Stars5 Stars (26 votes, average: 3.08 out of 5)

WordPress 2.3 Beta 1

WordPress 2.3 Beta 1 will be release later. Note that IT WILL NOT WORK with the current version of ALL my plugins as the whole /wp-admin/ folder had underwent some restructuring.

There WILL NOT be any more categories, link2cat, or post2cat tables. It will be replaced by terms, term_taxonomy and term_relationships. It means that my plugins MAY break as some of the functions uses direct query to those depreciated tables.

I will update the current development version of ALL my plugins to be compatible with WordPress 2.3 and above. If you are using the development version of my plugins for WordPress 2.2 after I updated all of them, it WILL BREAK.

I will post another entry once I have completed updating all of them to be compatible to WordPress 2.3.

1 Star2 Stars3 Stars4 Stars5 Stars (19 votes, average: 3.05 out of 5)

WordPress 2.7 RC 2

WordPress 2.7 RC2 has been released. It should be pretty close to the final version according to Matt:

We feel this release is pretty much exactly what we’re going to ship as 2.7, barring any final bugs or polish tweaks that you report or we find.

I am guessing we can see WordPress 2.7 final either tomorrow or on Friday.

Download: WordPress 2.7 RC 2

1 Star2 Stars3 Stars4 Stars5 Stars (18 votes, average: 3.00 out of 5)