Charles did it! After a little more than a week, he released a new episode, so he’s off to a great start with his weekly scheduled release of the WordPress podcast. As WordPress news heats up this year, it will be great to see a quick and consistent release schedule.
Some of the show notes include:
1. WordPress 2.3.3 released: This urgent security release fixes one security bug and several other minor bugs. The security bug affects only blogs that allow users to register: A flaw was found in the XML-RPC implementation a hacker could use to gain access to and edit posts of other users.
2. Several plugins have recently been found to have security vulnerabilities, such as WP-Footnotes v2.2 has cross-site scripting problems. register_globals must be turned on before array elements could execute unsanitized HTML to exploit the plugin. Other plugins with problems: WordsPew v3.x reported an “id” based SQL injection vulnerability, dmsguestbook 1.7.0, st_newsletter 2.x, WP-Cal, Adserve Plugin version 0.2, and WP-Forum 1.7.4
3. Is WordPress Insecure by Design?
4. Prologue is a Twitter-like theme released by Automattic, great for inter-organizational microblogging.
Check out WordPress Podcast: Episode 34. A huge thanks to Charles for getting on the weekly bandwagon. I look forward to Episode 35.