Episode 34: WordPress 2.3.3 released, more security problems and Prologue


 
Standard Podcast [32:05m]

Okay, so I’m a few days late getting this episode out, but at least it’s not 2 months late!

Covered in this episode:

  1. WordPress 2.3.3 released: This urgent security release fixes one security bug and several other minor bugs. The security bug affects only blogs that allow users to register: a flaw was found in the XML-RPC implementation that a hacker could use to gain access to and edit posts of other users.
  2. Several plugins have recently been found to have security vulnerabilities. WP-Footnotes v2.2 has cross-site scripting problems: unsanitized HTML in array elements can be executed, but only if register_globals is turned on. Other plugins with problems: WordsPew v3.x (a reported “id”-based SQL injection vulnerability), dmsguestbook 1.7.0, st_newsletter 2.x, WP-Cal, Adserve Plugin version 0.2, and WP-Forum 1.7.4.
  3. Is WordPress Insecure by Design?
  4. Prologue is a Twitter-like theme released by Automattic, great for inter-organizational microblogging.
  5. Design Canopy has released a theme, along with a set of instructions, that lets you use a WordPress install as a taggable, searchable contact manager that can be made into a Members Only system and can display related contacts.
  6. The addition of WordPress in the Kazakh language brings to 58 the number of languages WordPress covers.
  7. Calais is offering a $5,000.00 bounty to anyone who can develop a plugin that does specific things involving tags.
  8. WordCamp Hamburg (Germany) was a success. “It was a very lively camp with excellent sessions, intense socializing and networking.”
  9. WordPress.com adds more statistics features for tracking your blog stats. You can now see summarized stats for referrers, search terms, and clicks in addition to blog posts.
  10. Content Theft and WordPress explains the difference between WordPress.com and WordPress and reporting copyright violations.
  11. Automattic introduces the Prologue WordPress Theme on WordPress.com.
  12. There are now 3 gigabytes of free storage on WordPress.com blogs.
  13. More WordPress and WordPress.com news on the Blog Herald
