JaypeeOnline // Blogging News & Reviews

WordPress For Dummies

The book “WordPress For Dummies” was launched today and is now available at local bookstores, Amazon.com, Barnes and Noble, Books-A-Million and Dummies.Com, while the e-book version can be purchased from Wiley.com.

From the author’s blog:

About the book
WordPress is powerful software known for helping bloggers share their thoughts online. Whether you want to set up a blog in the WordPress community, add a blog to another site, or build your own …

Automattic Being Acquired?

Barely two weeks after they acquired Gravatar, unverified reports or rumors are spreading that Automattic itself will be acquired.

How much you ask? Automattic, the company behind popular blogging platform WordPress is said to be valued right now between $150 million to $300 million and I’m sure they would be looking to sell the company as high as possible. There are several companies interested in acquiring Automattic and …

WordPress 2.3 “Dexter” Is Out!

If you don’t know yet, WordPress 2.3 or “Dexter” as the WordPress team calls it has been officially released a few hours ago. This version is named after the great tenor saxophonist Dexter Gordon. I know some WordPress have been dreading this release, while others are anxious and excited about it.

Brand New and/or Improved Features:

• Native tagging support
• Update notification
• Canonical URLs
• Pending Review
• Advanced WYSIWYG
• Full Atom 1.0 support
• New jQuery
• Taxonomy system
• New method of doing SQL queries

Because of the …

WP Theme Generator Updated

For those of you who use or have used the WordPress Theme Generator, you might want to know that it has been updated and now supports WordPress 2.3, Tags, Tag clouds as well as article tags. Aside from that, WP Theme Generator has more color options to choose from and it’s codes are now XHTML standards compliant.

For those who don’t know what it is, WordPress Theme Generator is an online site that generates …

WordPress 2.3 Plugin Compatibility

WordPress 2.3 is gonna be released pretty soon but before you get all excited, there’s something you might want to know before you upgrade your WordPress installation. If you aren’t aware of it yet, this version has some plugin compatibility issues due to some schema changes that can result in breaking the plugins that you’re currently using.

WP 2.3 changes the database schema in 3 ways but the one with the biggest impact are the …

WordPress 2.2.3 Security Release

2.2.3 is a security and bug-fix release for the 2.2 series. Since this is a security release, we suggest you upgrade immediately. Two of the fixes are high priority.

WordPress 2.2.3 was released two days ago. I usually upgrade A.S.A.P but I wasn’t to do it during the weekend because I was busy. It was only now, Sunday night that I had enough time to do the upgrade. So if you were here earlier and …

WordPress Plugin & Mod Competition Winners

Update:
A certain Spanish blog has pointed out some security issues in these plugins that involves CSRF* and XSS* vulnerabilities. Some of the plugin authors are pissed off because the blogger didn’t contact them first about the security issues and that there’s no proof of concept. No need to panic though because the vulnerabilities in question aren’t that dangerous and are limited to logged in users only.

Mark Ghosh of Weblog Tools Collection announced the winners of the WordPress Plugin and Mod competition yesterday. Here are the names of the winners and their winning entries in reverse order:

Consolation Prize Winner: Ozh for the Who Sees Ads plugin.

The WhoSeesAds plugin lets WordPress users know who sees their blog ads. Ozh wins hosting from Pajama Mommy and a 48″ wallhog from Wallhogs.com

Top 10 Vulnerable WP Themes

BlogSecurity an organization that deals with web blog security recently posted a list of the top 10 WordPress themes that are vulnerable to Cross-Site Scripting due to template flaws.

1. field-of-dreams
2. tarski
3. mandigo-14,1.22
4. connections
5. default
6. freshy
7. redoable
8. k2
9. vistered-little-1.6a
10. wp-multiflex-3

WordPress Bits

WordPress Bits is not just another WordPress blog. This blog focuses on the development and customization of everything associated with WordPress whether it’s for a standalone installation, WordPress.com accounts or WordPress MU. WordPress Bits is authored by Sysadmin, entreprenuer and blogger Leonid Mamchenkov.

WordPress Bits will feature topics focusing on the following areas: WordPress customizations, WordPress development, WordPress internals, WordPress as a web application framework and WordPress as a CMS (Content Management System).

WordPress 2.2.2 & 2.0.11 Security Upgrades

EDIT: I’ve added the list of files that needs to be updated or overwritten.

Security-related upgrades were released earlier today for users of both the 2.2 branch and 2.0 legacy branch or WordPress. Wordpress 2.2.2 and 2.0.11 addresses certain security issues and some minor bug fixes so you won’t have to worry about it messing up your Wordpress theme or plugins.

If you’re an intermediate user or familiar with WordPress files and folders, you don’t have to do a full upgrade. All you need to do is identify the modified files, get the updated ones and then overwrite the existing ones on your web folder. (Assuming that you’re already running version 2.2.1).

Warning to Wordpress & Joomla Theme Users

Found this article from Derek Punsalan’s blog 5ThirtyOne.

Templates Browser dot com is collecting Wordpress & Joomla public themes and modifying them by inserting hidden spam or malware links that can compromise the end user then re-distributing it in their site. These spam and malware links are inserted in a functions.php file that comes with each theme download.

Derek’s popular Wordpress theme 5ThirtyOne V2 is one of the themes being re-distributed by Templates Browser. Other themes in their list include the Fresh theme by iLemoned and the NotSo Fresh theme which I previously used here in my blog.