WordPress 2.6.5

WordPress 2.6.5 has been released. This release fixes a security problem as well as 3 other minor fixes.

he security issue is an XSS exploit discovered by Jeremias Reith that fortunately only affects IP-based virtual servers running on Apache 2.x. If you are interested only in the security fix, copy wp-includes/feed.php and wp-includes/version.php from the 2.6.5 release package.

2.6.5 contains three other small fixes in addition to the XSS fix. The first prevents accidentally saving post meta information to a revision. The second prevents XML-RPC from fetching incorrect post types. The third adds some user ID sanitization during bulk delete requests. For a list of changed files, consult the full changeset between 2.6.3 and 2.6.5.

Note that we are skipping version 2.6.4 and jumping from 2.6.3 to 2.6.5 to avoid confusion with a fake 2.6.4 release that made the rounds. There is not and never will be a version 2.6.4.

5 files have been changed:

  1. /wp-admin/users.php
  2. /wp-includes/feed.php
  3. /wp-includes/post.php
  4. /wp-includes/version.php
  5. xmlrpc.php

You can just download this 5 files and upload it to your server

1 Star2 Stars3 Stars4 Stars5 Stars (30 votes, average: 3.43 out of 5)

WP-DownloadManager Updates

I have been spending the past few days coding WP-DownloadManager, and I am proud to say that I can release the beta very soon. I just left the readme.html to do.

For those who cannot wait for the readme, here is the direct link to the file via WordPress Plugins SVN.

As it is now, any file added to WP-DownloadManager can be download by anyone, I may add in permission to each file if I get enough responses.

Remember to update your permalinks by going to “WP-Admin -> Options -> Permalink” and click “Update Permalink Structure” because the file direct download link will be “http://yoursite.com/download/1/” where 1 is your file ID.

I think a picture paints a thousand words:

» WP-DownloadManager Screenshots

» WP-DownloadManager Support Forum

1 Star2 Stars3 Stars4 Stars5 Stars (14 votes, average: 3.43 out of 5)

Kila Morton Wrote About Me

Kila Morton of PureBlogic has written an article about me and the article is being submitted to digg.

Lester Chan is a student. While attending school, he decided to start developing WordPress plug-ins to support himself. These plug-ins offer great functionality that extend the WordPress platform. For instance, at the bottom of this blog there is a rating system. Where did that come from boys and girls? Lester Chan! Need polls for your blog? Who can you turn to? Lester Chan! In fact, Lester has developed over a dozen plug-ins for WordPress users. These are plug-ins that make it easier for people like you and I to blog about what we love and make money blogging .

THANK YOU Kila Morton!

View: Lester Chan Makes Great WordPress Plug-ins For Your Blog

1 Star2 Stars3 Stars4 Stars5 Stars (45 votes, average: 3.40 out of 5)

Plugins Update Delayed

Most of my plugins update which is intended to be released for May will be delayed for about 2 months because I got a freelance/contract job which I have to complete urgently as my client had paid me 40% down payment.

If you have a basic knowledge of SVN, you can get all the latest updates for my plugins straight from WordPress Plugins SVN. They are stable.

Sorry for any inconvenience caused and thank you for your understanding.

1 Star2 Stars3 Stars4 Stars5 Stars (23 votes, average: 3.39 out of 5)