Hot on the heels of the security announcement regarding a large number of plugins yesterday, the WordPress team has released an urgent security update to the WordPress core itself. If you haven’t already, you should once again go back through all of your sites and update WordPress. The good news is, since this is a minor […]
Far-reaching Security Vulnerability Revealed
According to an article on the Sucuri blog today, there is an extremely widespread security vulnerability in many WordPress plugins. The vulnerability seems to be the result of a breakdown in communication, where developers expected a set of core WordPress functions to do one thing, when it actually does another. Essentially, most plugin developers (including those […]
Controlling JetPack in Large Multisite Installations
JetPack is constantly being updated, and it tends to introduce some really cool new features fairly often. However, occasionally, those new features can cause major issues in large multisite environments. There are a handful of plugins out there that let you gain some control over JetPack’s features. Most of them, though, such as Manual Control […]
Quick Tip: Keeping Users Out of the Admin Area
Every once in a while, you may have a need to keep specific user roles out of the administrative dashboard, more than likely to simply keep them from getting confused by the design differences between the front-end and the back-end. Doing so is fairly simple, but there’s one item you have to watch out for. When any AJAX requests […]
Major Drupal Vulnerability
A major exploit in Drupal 7, allowing SQL injection, was reported a few weeks ago. Many security blogs are reporting that all Drupal systems that are running v7 should consider themselves potentially exploited, unless they patched their system on or before October 15 (when the vulnerability was reported). For those of us that constantly hear […]
New Dreamweaver Offers Great New Feature
Let me preface this post by saying: I totally understand that using Dreamweaver as an IDE is laughable to many, but, the bottom line for me is that it’s functional, and has always offered a handful of nice features for straight HTML, CSS and PHP coding. I also understand that a lot of designers have long […]
Potential Cross-Site Scripting Vulnerability in jQuery Scripts
A few days ago, Eric A Mann posted an article explaining a potential XSS vulnerability in various jQuery scripts. The basic premise is that a very common coding practice in jQuery (checking to see if an element exists before trying to use it) could lead to an XSS attack. Essentially, if you use jQuery to […]
WordPress 4.0 Is Here
WordPress 4.0 has been released, and brings with it some pretty nice new features. You can read about many of the new features in the official release announcement. That said, as I’ve begun testing the new release so that we can implement it, I’ve noticed one feature that was removed from the system. You no […]
WordPress 3.9.2 – Major Security Release
If you are using WordPress (and, if you’re reading this site, chances are pretty good that you are), you’ll want to make sure your site gets updated to 3.9.2 right away. WordPress 3.9.2 was released earlier today, and it fixes what’s being reported as a pretty major security hole (which is also present, and has also been […]