Digital Strategist

WordPress Developer

Content Creator

Unapologetic Punk

Mitch Canter

WordPress 3.0.5 is Released

CMDR Mitchcraft

Reading time: 1 minute

Another security release – here’s what it fixes:

  • Fix XSS bug: Properly encode title used in Quick/Bulk Edit, and offer additional sanitization to various fields. Affects users of the Author or Contributor role. (r17397, r17406, r17412)
  • Fix XSS bug: Preserve tag escaping in the tags meta box. Affects users of the Author or Contributor role. (r17401)
  • Fix potential information disclosure of posts through the media uploader. Affects users of the Author role. (r17393)
  • Enhancement: Force HTML filtering on comment text in the admin (r17400)
  • Enhancement: Harden check_admin_referer() when called without arguments, which plugins should avoid. (r17387)
  • Update the license to GPLv2 (or later) and update copyright information for the KSES library.

Go forth, and update!

  • The Best WordPress Social Sharing Buttons

    The Best WordPress Social Sharing Buttons

    Reading time: 1 minute

    If you run a blog (or a church site with some sort of event calendar or news section), having a place where your visitors and members can share your content is absolutely invaluable.  Sometimes all it takes is for people to start spreading the word about an event. By giving them the chance to do so,…

  • Latest WordPress Hack – Check your Permalinks, People!

    Latest WordPress Hack – Check your Permalinks, People!

    Reading time: 2 minutes

    I’ll type this without the normal pleasantries to make sure this gets out quickly. There’s a WordPress hacker on the loose, and he’s pretty sneaky – he creates a user unseeable to the naked eye (except for the one extra user in the administrator users menu) and masks himself to you, making it easy for…