Custom Function Widgets This plugin allows you create widgets for plugins which only provide you with hooks, useful if you have loads of plugins which require you to manually alter your theme files for inclusion. Release Page | Download CodeShield This plugin escapes text inside code tags such that all code gets converted to html characters. For example this plugin will convert > to > if it exists within the code tag. Release Page / Download Random Top Ads This plugin allows you to randomize and display ads to your visitor allowing you to create unlimited number of ads. It also allows the visitors to browse all the ads using a link. Release Page | Download GoCodes Redirection This plugin allows you to shorten your post URLs and distribute it to others. Useful if you want to create tiny URLs that belong to your domain and is easy to remember. […]
[Continue Reading...]
‘WordPress Plugins’ Category
S@BUN is at it again, this time, reporting multiple SQL Injection Vulnerabilities within the Photo Album plugin for WordPress. According to the security bulletin: Multiple vulnerabilities have been identified in Photo Album (plugin for WordPress), which could be exploited by remote attackers to execute arbitrary SQL queries. These issues are caused by input validation errors in the “wppa.php” script when passing user-supplied parameters (e.g. “photo” or “album”) to certain functions (e.g. “wppa_album_name()” or “wppa_photo_name()”), which could be exploited by malicious people to conduct SQL injection attacks. Multiple security advisory services places this round of vulnerabilities as a Moderate Risk. For example, FrSIRT describes the Moderate risk as being: Remotely and locally exploitable flaws, which could lead to denial of Service or privilege escalation. Versions 1.1 and prior of this plugin are vulnerable. As always, it is recommended that you disable this plugin until a patch for it is released. [EDIT] […]
[Continue Reading...]I needed a *quick* and *simple* method to embed YouTube videos into my posts and wrote a small plugin to do just that. This way you do not need to find the embed code from YouTube or do anything special. You just copy the URI of the YouTube video and paste it into the body of your post. This has been tested with 2.3.x and 2.2.x and it works on both. I can add other video and media embed ability if there is request or demand. Installation is simple. Download the zip file, unzip, copy to your wp-content/plugins directory and enable. Then test by copying and pasting a YouTube URI into a post and publishing it. Thats it! Download Plugin: Embedify 1.02 (update) Please leave comments, feedback and requests. [EDIT] Please do not do anything with the URI. If you align it or make a clickable link out of it, […]
[Continue Reading...]A while back I wrote about listing your plugin to the official WordPress plugins directory. The tutorial was for windows and I have been on the look-out for a Mac version. Since I have been unable to find one, I will present to you a step-by-step tutorial on how to add and modify your WordPress Plugin using a Mac. To begin this tutorial, I first have to make some assumptions. My Assumptions Your plugin has already been approved over at WP Extend Plugins. You are running at least OSX Tiger You have WordPress locally installed. If not, please read Jeff’s tutorial on installing WordPress locally. You already have Subversion installed. If not, here’s a good tutorial on installing Subversion on a Mac. If you have Leopard, Subversion is already installed. You have downloaded and installed svnX. svnX has a nice GUI for those who don’t like to use Terminal commands. […]
[Continue Reading...]NBBN has discovered some cross site scripting vulnerabilities for the WP-Footnotes plugin version 2.2 for WordPress. Input passed to the “pre_footnotes”, “priority”, “post_footnotes”, and “style_rules” array elements in the “wp_footnotes_current_settings[]” array in the admin_panel.php script is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user’s browser session in context of an affected site. The good news this time around is that, ‘register_globals‘ must be turned on for exploitation to occur. If you are using this plugin on your site, it is advised that you disable the plugin until a security patch has been released. According to the security bulletin, the solution is to edit the plugin source code to ensure that input is properly sanitized. Again, if you know that your webserver has register_globals turned off, you are in the clear. S@BUN has reported an “id” […]
[Continue Reading...]MultiPage Toolkit MultiPage Toolkit allows you manage multi page posts by allow you to add page title to each page and also allows you to display the number of pages in the post on the index page of the post. Looks like a nice addition as it definitely takes care of one problem I have wanted to overcome in WordPress. Release Page | Download Extended Categories A extension to the default category widget that comes built in with WordPress. This plugin allows you to display the categories as a list or dropdown, show the number of posts per category, hide empty categories and more. Release Page | Download UnderConstruction Shows customizable message on posts and pages containing the [uc] tag. The message can be customized in the Options page. Release Page | Download Tag This The plugin allows readers to tag posts and uses core WordPress tag system to store […]
[Continue Reading...]Calais which is a metadata generation web service that is powered by Reuters is offering up a $5,000.00 bounty to anyone who can develop a plugin that meets the following criteria. Tag auto suggestion: Using the content of the blog entry the plugin will provide a list of suggested semantic tags. For example, if the post talks about company “a” buying company “b” the plugin would suggest “Acquisition”, “Company A” and “Company B” as potential tags Semantic cloud: We all love tag clouds and we’d like to take it a step further. The plugin should support the generation of a configurable semantic tag cloud of entities and facts derived from the blog’s content GUID Incorporation: The Calais web service returns a Globally Unique Identifier (GUID) for each document submitted. The plugin should modify the RSS feed for the site to incorporate the GUID in a TBD location. Calais looks like […]
[Continue Reading...]According to an advisory released by Packetstorm, a fellow by the name of g30rg3_x has discovered two bugs within Dean’s Permalinks Migration Plugin version 1.0. The first bug relates to XSRF and can allow an attacker to force a user to perform an unsolicited action that when combined with an XSS bug that has also been discovered, allows the attacker to gain valid credentials. g30rg3_x actually provides a detailed explanation into the problem: Since the variable $dean_pm_config[‘oldstructure’] its not correctly sanitized (when retrieving), this allow any user to store/save “malicious code” inside the database and later be injected this “malicious code” when the data is retrieved. Using the XSRF as a “combo” we can create crafted pages that will force users to conduct this injection and steal some valid credentials to the WordPress based CMS. g30rg3_x has tried to contact the author of the plugin but has not had any […]
[Continue Reading...]AutoInfo Autoinfo is a plugin which allows you to show information such as users online, registered users, feed subscribers, number of posts, number of ping backs, top 3 commented posts, comments, comments per post, top three commentators and more. Release Page | Download Socialize Me Socialize Me is a plugin which allows you to show custom messages to users visiting your site from Social Networking sites like StumbleUpon, Facebook, Digg, Delicious, Pownce, Twitter, Bebo and more. You can customize each of the messages that will be shown to the user. Release Page | Download OutOfDate OutOfDate is a plugin which shows a message above all the posts older than the specified number of months. Provides and option to customize the message, layout and number of months beyond which posts should carry the message. Release Page | Download Blogger to WordPress Redirection The plugin allows you to redirect individual blogger posts […]
[Continue Reading...]About the Author
- Keith Dsouza
Categories
- bbpress
- Best of WordPress
- Blog Templates Blog Skins Blog Themes
- Blogging
- Blogging Essays
- Blogging News
- brainstorming
- buddypress
- Business of Blogging
- CMS
- Code
- Cold Fusion
- Community Interviews
- Cool Scripts
- General
- HOW-TO
- LinkyLoo
- Movable Type Plugins
- Photolog Script
- Podcasting
- QuickLinking
- Spam
- SXSW
- TLA
- Tutorials
- User Reviews
- Web Design
- Web Ethics
- Weblog Add-Ons
- Weblog tools blog tools blogging tools
- Weekly Plugin Review
- WLTC Community
- wordcamp
- WordPress
- WordPress Discussions
- WordPress FAQs
- Wordpress for Beginners
- WordPress Hack
- WordPress News
- WordPress Plugin Competition
- WordPress Plugins
- WordPress Polls
- WordPress Security
- WordPress Templates WordPress Skins WordPress Themes
- WordPress Tips
- WordPress Tools
- WordPress Troubleshooting
- WordPress Weekly
- WordPress Widgets
- WordPress WishList
- XHTML Tips
Obviously Powered by WordPress. © 2003-2013
