Okay, so I’m a few days late getting this episode out, but at least it’s not 2 months late!
Covered in this episode:
- WordPress 2.3.3 released: This urgent security release fixes one security bug and several other minor bugs. The security bug affects only blogs that allow users to register: A flaw was found in the XML-RPC implementation a hacker could use to gain access to and edit posts of other users.
- Several plugins have recently been found to have security vulnerabilities, such as WP-Footnotes v2.2 has cross-site scripting problems. register_globals must be turned on before array elements could execute unsanitized HTML to exploit the plugin. Other plugins with problems: WordsPew v3.x reported an “id” based SQL injection vulnerability, dmsguestbook 1.7.0, st_newsletter 2.x, WP-Cal, Adserve Plugin version 0.2, and WP-Forum 1.7.4
- Is WordPress Insecure by Design?
- Prologue is a Twitter-like theme released by Automattic, great for inter-organizational microblogging.
- Design Canopy has released a theme along with a set of instructions that allows you to use WordPress install as a taggable, searchable contact manager that can be made into a Members Only system and display related contacts.
- The addition of WordPress in the Kazakh language brings to 58 the number of languages WordPress covers.
- Calais is offering a $5,000.00 bounty to anyone who can develop a plugin that does specific things involving tags.
- WordCamp Hamburg (Germany) was a success. “It was a very lively camp with excellent sessions, intense socializing and networking.”
- WordPress.com adds more statistics features for tracking your blog stats. You can now see summarized stats for referrers, search terms, and clicks in addition to blog posts.
- Content Theft and WordPress explains the difference between WordPress.com and WordPress and reporting copyright violations.
- Automattic introduces the Prologue WordPress Theme on WordPress.com.
- There are now 3 gigabytes of free storage on WordPress.com blogs.
- More WordPress and WordPress.com news on the Blog Herald