An “Excerpt” is a summary or short description of a full article. In other words, it is a post summary that will be displayed in your articles on the front page of your blog. On the bottom of the post, it will contain a link to the full article. This…
The developers at WordPress just discovered a specific vulnerability in the code. They describe the issue as follows: a specially crafted URL could be requested that would allow an attacker to bypass a security check to verify a user asked for a password reset. As a result of this problem, the first account without…
WordPress developers missed some places when fixing the privilege escalation issues for WordPress 2.8.1. Luckily, they got excellent feedback from the WordPress community and were able to fix this small issues. Many followers in the community dug deeper and discovered some areas that were overlooked. With their help, the remaining issues are now fixed in WordPress 2.8.3.…
I just read a new article in the WordPress Blog that talks about improving plugins by using a changelog file. The WordPress team added a new feature to the plugin directory to allow developers to include a changelog with their project. The changelog informs us what changes have been made in each…
This new version of WordPress fixes a cross-site scripting (XSS) vulnerability. The comment author URLs were not fully sanitized when displayed in the admin area. This vulnerability could be exploited to redirect you away from the admin to another site. You can upgrade WordPress automatically and in a few seconds. Just…
Great news! WordPress 2.8.1 was finally released! This version fixes many bugs and improves security for the plugin administration pages. Core Security Technologies notified the WordPress team that admin pages added by some plugins could be viewed by unprivileged users, resulting in information being leaked. Not all plugins are vulnerable to this problem, however they advise upgrading…
WordPress 2.8.1 Beta 2 is available for testing. You can download this new beta release and check out the changes since Beta 1. We recommend that all plugin developers test their plugins on beta 2 and let us know of any issues. Notable fixes in WordPress 2.8.1 beta 2 are: _Translation of role names has been fixed _Upload…
