WordPress Security: Passwords Reset

A potential security breach last night prompted the WordPress team to reset all passwords across WordPress.org, bbPress.org and BuddyPress.org.

Earlier today the WordPress team noticed suspicious commits to several popular plugins (AddThis, WPtouch, and W3 Total Cache) containing cleverly disguised backdoors. We determined the commits were not from the authors, rolled them back, pushed updates to the plugins, and shut down access to the plugin repository while we looked for anything else unsavory.

Matt Mullenweg

I’ve already reset my password as well as changing it to something more secure after the first reset. If you haven’t had a chance to update your information across the mentioned network – please do so.

Another important note is: “if you use AddThis, WPtouch, or W3 Total Cache and there’s a possibility you could have updated in the past day, make sure to visit your updates page and upgrade each to the latest version”.

See the original article here.

WordPress Plugin: Staff Listings now has reviews!

We’ve now added the basic features for reviews to be added for staff members using our plugin here at DealerTrend, Inc.

So now as your co-workers and clients write reviews about your staff you can post them online for the masses!

This will help with transparency between the company and the customer – which I believe is important.

I will keep you posted as we improve upon it.

Important Security Update: Upgrade WordPress to 3.0.4

As per their official announcement:

Version 3.0.4 of WordPress, available immediately through the update page in your dashboard or for download here, is a very important update to apply to your sites as soon as possible because it fixes a core security bug in our HTML sanitation library, called KSES. I would rate this release as “critical.”

I realize an update during the holidays is no fun, but this one is worth putting down the eggnog for. In the spirit of the holidays, consider helping your friends as well.

If you are a security researcher, we’d appreciate you taking a look over this changeset as well to review our update. We’ve given it a lot of thought and review but since this is so core we want as many brains on it as possible. Thanks to Mauro Gentile and Jon Cave (duck_) who discovered and alerted us to these XSS vulnerabilities first.


WordPress Plugin: Staff Listings, has gone public!

For the last week we’ve been putting together a product for our customers here at DealerTrend, Inc.

Today we decided to make it open source! Opening the project to the masses will keep the code quality high and it will lend itself to resolving any persistent issues that may exist.

Feel free to head on over to GitHub to check it out!

GitHub: WordPress Plugin: Staff Listings

WordPress to Stop Supporting PHP 4 and MySQL 4!

Update: As of July 4th 2011, this is now a reality. Here’s the article.

Well kiddies, we’re ringing in the new year with what I believe to be good news! WordPress is going to stop supporting PHP 4 and MySQL 4 – this means we get to have more freedom in the way we extend upon WordPress! /happydance

Straight from the WordPress Codex:

Switching to PHP5 « WordPress Codex

From version 3.2 (Estimated to arrive in 2011), WordPress will cease to be supported under PHP 4, with the minimum required PHP version being PHP 5.2.
