WP breaked by plugin
Archive for the ‘Security’ Category
MyEasyBackup plugin breaks WordPress security
Sunday, February 28th, 2010WordPress 2.9.2 Security Update Details
Wednesday, February 17th, 2010
WordPress 2.9.2 Security Update
Platinum SEO 1.3.2. What is new?
Tuesday, February 16th, 2010
Platinum SEO 1.3.2. What's new?
ChangeLog note at WordPress.org says about some compatibility with WordPress 2.9.1 fix. What was incompatible with WordPress 2.9.1? What was changed in this plugin version really? Do you need to make upgrade for this version? Interested? Proceed reading. (more…)
How to change WordPress MU User Role capabilities
Saturday, February 13th, 2010
User roles WordPress MU
As you know WPMU lets to have multiple blogs under single WordPress installation. Blog list is stored in the
wp_blogs database table. We will use blog ID attribute (blog_id field value) from this table. WPMU stores every blog data in the separate database tables set. Every blog data set differs with its blog ID in the name of the database tables, e.g. blog with ID=1 has wp_1_options table, blog with ID=2 has wp_2_options table, etc. So, to get the blog id=1 user roles capabilities from the database we can use this SQL query (more…)
IP Logger WordPress plugin review
Sunday, January 24th, 2010
IP Logger Review
Plugin Name:IP Logger v.2.8
Date of review: 24th January 2010
Rating:
Author profile: M. Retzlaff
WordPress plugin directory link: IP Logger
“IP Logger” WordPress plugin tracks records about every visitor of your site in the separate MySQL table in your WordPress blog database. Visitor’s information contains a lot of data including IP-address, user agent, country code, country name, city, etc… Convenient graphical visual presentation for that data is available via admin dashboard widget. Data can be exported into CSV or XML format. Plugin offers undesirable visitors blocking feature also.
(more…)
How to change WordPress User Role capabilities
Sunday, November 22nd, 2009
User Roles
Every WordPress blog owner knows that WordPress 2.8 and higher user standard roles are: Administrator, Editor, Author, Contributor, Subscriber.
What is the difference? What the “Author” can do but “Contributor” can not? Comprehensive information about it can be found here, at WordPress.org
But where all that data are stored? How to change the role if you really need it? Interested? Read this article and you will get some answers on that questions. Recently I met with the following problem at the multi-authored blog. User with role “Author” can upload images to the blog server, but can not use it in his/her posts. Any HTML tags are immediately hidden from post text after “Author” saves his draft or post. (more…)
WordPress 2.8.6 Security Release Details
Saturday, November 14th, 2009
Wordpress 2.8.6 Security Release
2.8.6 fixes two security problems that can be exploited by registered, logged in users who have posting privileges. If you have untrusted authors on your blog, upgrading to 2.8.6 is recommended. The first problem is an XSS vulnerability in Press This. The second problem is an issue with sanitizing uploaded file names that can be exploited in certain Apache configurations.Is it interesting for you what changes were made in terms of PHP source code? Let’s try to discover WordPress 2.8.6 Security Release details together. (more…)
