Posted on February 14th, 2013
If you use Mailchimp for managing your email lists, then you may want to check out this notice from them. More than likely this will not affect you but it’s still a good idea to make sure any integrations your website or social media has tied into MailChimp still works after February 18th.
Here’s their notice: Continue reading “MailChimp Huge Update Feb 18” »
Posted on January 25th, 2013
WordPress 3.5.1 is now available. Version 3.5.1 is the first maintenance release of 3.5, fixing 37 bugs. It is also a security release for all previous WordPress versions. For a full list of changes, consult the list of tickets and the changelog, which include:
- Editor: Prevent certain HTML elements from being unexpectedly removed or modified in rare cases.
- Media: Fix a collection of minor workflow and compatibility issues in the new media manager.
- Networks: Suggest proper rewrite rules when creating a new network.
- Prevent scheduled posts from being stripped of certain HTML, such as video embeds, when they are published.
- Suppress some warnings that could occur when a plugin misused the database or user APIs.
Additionally, a bug affecting Windows servers running IIS can prevent updating from 3.5 to 3.5.1. If you receive the error “Destination directory for file streaming does not exist or is not writable,” you will need to follow the steps outlined on the Codex.
WordPress 3.5.1 also addresses the following security issues:
- A server-side request forgery vulnerability and remote port scanning using pingbacks. This vulnerability, which could potentially be used to expose information and compromise a site, affects all previous WordPress versions. This was fixed by the WordPress security team. We’d like to thank security researchers Gennady Kovshenin and Ryan Dewhurst for reviewing our work.
- Two instances of cross-site scripting via shortcodes and post content. These issues were discovered by Jon Cave of the WordPress security team.
- A cross-site scripting vulnerability in the external library Plupload. Thanks to the Moxiecode team for working with us on this, and for releasing Plupload 1.5.5 to address this issue.
Download 3.5.1 or visit Dashboard → Updates in your site admin to update now.
Posted on January 8th, 2013
If you are running a WordPress website and you can’t remember the last time you updated WordPress and your installed plugins, then this is for you!
Updating WordPress and plugins regularly ensures that your website is running with the latest features and most importantly has all of the latest security patches applied. Just like with your computer updates, your website system needs to be updated regularly too to minimize the threat of a hacker exploiting your site.
To make sure you are staying on top of your WordPress updates, we are releasing a new monthly service where we will update your WordPress install and all your plugins at least once a month for $15 a month.
If you are interested, contact us here or call us at 919-374-3014.
Posted on December 12th, 2012
The folks at WordPress released the 3.5 update and we recommend upgrading. It provides several aesthetic updates, support for Retina displays and reworks the image management area to make it more user friendly. For a full writeup on the update, click here.
Posted on June 14th, 2012
WordPress 3.4 has been released! We recommend that everyone running WordPress to upgrade as it will ensure a more secure and faster running site, plus some other neat additions. According to The WordPress website, “This release includes significant improvements to theme customization, custom headers, Twitter embeds (see example of one below), and image captions.” Click here for more details!
Posted on April 21st, 2012
The latest release, 3.3.2, of WordPress is now available. We recommend that everyone upgrade their installs of WordPress and and plugins you are running to ensure you are running the most secure and reliable system for your website. Here are the details of the release.
Posted on March 16th, 2012
If you run a WordPress website, especially if you use a pre-built template, there is a good chance that your theme uses the timthumb.php script for resizing images. That script was found to be exploitable several months ago, and there has been updates released to patch your file, but many don’t know how to do it or even that they need to.
Enter the Timthumb Vulnerability Scanner. This is a free plugin for WordPress that will scan your site to see if you are using an outdated version of the timthumb.php file and if so, fix it for you.
If you host with Page Progressive, then we’ve scanned our server and patched any old timthumb.php files but if you are hosting elsewhere, it’s possible your host has not scanned for it and you may need to check to make sure you are not vulnerable to this exploit. It could lead to your site getting hacked and allow malware to be distributed though it, and that will ruin just about anyone’s day.
Posted on March 7th, 2012
We ran into this article and felt we should share this as a reminder to all website owners to keep their WordPress install and plugins up to date. To our knowledge, none of our clients are running the “ToolsPack” plugin that I am aware of unless they installed it themselves, but we still HIGHLY recommend that you always update your WordPress and plugins regularly. It’s very simple to do in the admin area. Here is a video explaining how.
Read the full article here.
Posted on January 4th, 2012
Please note the below update from the WordPress team. If you are running WordPress, don’t forget to update your plugins and WordPress regularly!
WordPress 3.3.1 is now available. This maintenance release fixes 15 issues with WordPress 3.3, as well as a fix for a cross-site scripting vulnerability that affected version 3.3. Thanks to Joshua H., Hoang T., Stefan Zimmerman, Chris K., and the Go Daddy security team for responsibly disclosing the bug to our security team.
Posted on July 13th, 2011
Yesterday Matt Mullenweg, a bigwig with the WordPress content management system, posted this:
Last week we released WordPress 3.2, a version focused on making WP faster and lighter with a refreshed dashboard, new Twenty Eleven theme, a zen writing mode, and more: http://wordpress.org/news/2011/07/gershwin/
We waited to email because there were some issues with the JSON module on some web hosts, which the just-released version 3.2.1 fixes. Download from WordPress.org or click the update button in your dashboard to get the latest.What else is new? We’re doing a census of the WordPress World, if you have 5 minutes take this survey:
We’re going to tally up the results and present them in my State of the Word talk next month in San Francisco, so send it to everyone you know who uses WordPress so we get the most representative sample.
There are also some fun WordCamps approaching in San Diego, Portsmouth, Boston, Chicago, Fayetteville, St. Louis, San Francisco, and Los Angeles:
Hope to see you at one soon!