New Plugins WP-CommentNavi Have nicer/advanced pagination for your comments in WordPress 2.7 Lolcats Widget Plugin This simple plugin retreives the latest lolcat and displays it on a widget. It caches it for two hours so it won’t slow up the process of loading each time. Popupper Allows a blogger to insert links that when the reader mouses over the links it shows a popup. WP-NoSpamUser “WP-NoSpamUser” is all about blocking potential spammers from registering on your blog. EasySMS EasySMS is a great way for WordPress administrators to txt message their registered users and broadcast a new post to user’s cell phones. Auto Post Images (API) This plugin will automatically put images into each post. The images are automatically added to posts and not to pages. Good for sites that host recipes. Alphabetical List Order your posts alphabetically for each selected categories. Comment Approved Notifier The plugin sends an e-mail to […]
[Continue Reading...]
Comment Remix Security Bulletin
Normally, we usually keep a maximum of two posts a day that are published on WeblogTooolsCollection as a means of keeping your dashboard from being overcome by us. However, considering that the following security bulletin has been published concerning the plugin (WP Comment Remix) and it won the WeblogToolsCollection plugin competition, I felt it was important to pass along this security bulletin to you. According to the bulletin that was published by Chxsecurity.org version 1.4.3 contains the following vulnerabilities: SQL Injection: caused by unsanitized variable “p” in the ajax_comments.php file. Cross Site Scripting: This affects authenticated and unauthenticated users. Cross Site Request Forgery: the form generated through wpcr_do_options_page lacks the WordPress wp_nonce security function. These vulnerabilities are considered HIGH risks however, the latest version (1.4.4) apparently addresses these issues. If you are using this plugin on your blog, be sure to upgrade it to the latest version.
[Continue Reading...]