Kila Morton Wrote About Me

Kila Morton of PureBlogic has written an article about me and the article is being submitted to digg.

Lester Chan is a student. While attending school, he decided to start developing WordPress plug-ins to support himself. These plug-ins offer great functionality that extend the WordPress platform. For instance, at the bottom of this blog there is a rating system. Where did that come from boys and girls? Lester Chan! Need polls for your blog? Who can you turn to? Lester Chan! In fact, Lester has developed over a dozen plug-ins for WordPress users. These are plug-ins that make it easier for people like you and I to blog about what we love and make money blogging .

THANK YOU Kila Morton!

View: Lester Chan Makes Great WordPress Plug-ins For Your Blog

1 Star2 Stars3 Stars4 Stars5 Stars (47 votes, average: 3.30 out of 5)

WordPress 2.6.5

WordPress 2.6.5 has been released. This release fixes a security problem as well as 3 other minor fixes.

he security issue is an XSS exploit discovered by Jeremias Reith that fortunately only affects IP-based virtual servers running on Apache 2.x. If you are interested only in the security fix, copy wp-includes/feed.php and wp-includes/version.php from the 2.6.5 release package.

2.6.5 contains three other small fixes in addition to the XSS fix. The first prevents accidentally saving post meta information to a revision. The second prevents XML-RPC from fetching incorrect post types. The third adds some user ID sanitization during bulk delete requests. For a list of changed files, consult the full changeset between 2.6.3 and 2.6.5.

Note that we are skipping version 2.6.4 and jumping from 2.6.3 to 2.6.5 to avoid confusion with a fake 2.6.4 release that made the rounds. There is not and never will be a version 2.6.4.

5 files have been changed:

  1. /wp-admin/users.php
  2. /wp-includes/feed.php
  3. /wp-includes/post.php
  4. /wp-includes/version.php
  5. xmlrpc.php

You can just download this 5 files and upload it to your server

1 Star2 Stars3 Stars4 Stars5 Stars (32 votes, average: 3.28 out of 5)

WordPress 3.8.2

WordPress 3.8.2 has been released and it is important for all you guys to update it as it is a security release.

WordPress 3.8.2 is now available. This is an important security release for all previous versions and we strongly encourage you to update your sites immediately.
This releases fixes a weakness that could let an attacker force their way into your site by forging authentication cookies. This was discovered and fixed by Jon Cave of the WordPress security team.
It also contains a fix to prevent a user with the Contributor role from improperly publishing posts. Reported by edik.

This release also fixes nine bugs and contains three other security hardening changes:

  • Pass along additional information when processing pingbacks to help hosts identify potentially abusive requests.
  • Fix a low-impact SQL injection by trusted users. Reported by Tom Adams of dxw.
  • Prevent possible cross-domain scripting through Plupload, the third-party library WordPress uses for uploading files. Reported by Szymon Gruszecki.

Checkout out the full changelog here.

Download: WordPress 3.8.2

1 Star2 Stars3 Stars4 Stars5 Stars (18 votes, average: 3.28 out of 5)