Digital Strategist

WordPress Developer

Content Creator

Unapologetic Punk

Mitch Canter

WordPress 3.0.5 is Released

CMDR Mitchcraft

Reading time: 1 minute

Another security release – here’s what it fixes:

  • Fix XSS bug: Properly encode title used in Quick/Bulk Edit, and offer additional sanitization to various fields. Affects users of the Author or Contributor role. (r17397, r17406, r17412)
  • Fix XSS bug: Preserve tag escaping in the tags meta box. Affects users of the Author or Contributor role. (r17401)
  • Fix potential information disclosure of posts through the media uploader. Affects users of the Author role. (r17393)
  • Enhancement: Force HTML filtering on comment text in the admin (r17400)
  • Enhancement: Harden check_admin_referer() when called without arguments, which plugins should avoid. (r17387)
  • Update the license to GPLv2 (or later) and update copyright information for the KSES library.

Go forth, and update!

  • Latest WordPress Hack – Check your Permalinks, People!

    Latest WordPress Hack – Check your Permalinks, People!

    Reading time: 2 minutes

    I’ll type this without the normal pleasantries to make sure this gets out quickly. There’s a WordPress hacker on the loose, and he’s pretty sneaky – he creates a user unseeable to the naked eye (except for the one extra user in the administrator users menu) and masks himself to you, making it easy for…

  • 50 Days to a Better Blog–Day 5: Switching to Drupal

    50 Days to a Better Blog–Day 5: Switching to Drupal

    Reading time: 1 minute

    I can’t even type this post with a straight face – nothing but love to all of my Drupal friends, though! It has its time and place, but for a blog, WordPress is always the way to go. The real Day 5 Post is coming soon.