The WordPress team is currently hard at work in completing version 2.9 but that doesn’t mean they’re going to allow their older versions to be open with vulnerabilities.
As a security release, WordPress releases version 2.8.6 which fixes two security problems that can be exploited by untrusted users in your blog who have posting privileges.
The first problem is an XSS vulnerability in Press This discovered by Benjamin Flesch. The second problem, discovered by Dawid Golunski, is an issue with sanitizing uploaded file names that can be exploited in certain Apache configurations.
Download version 2.8.6 from WordPress.org or you could just upgrade automatically through your blog’s WordPress Dashboard.
If you are a Wordpress user who owns an iPhone and you still don’t know, there’s this free application on the iPhone called Wordpress for iPhone that let’s you write posts, upload photos, edit pages, and moderate comments on your Wordpress blog just by using your iPhone.
To know more about this plugin you can watch the video below from WordPress.TV which gives a basic introduction of what the application can do.
The app supports both Wordpress.com and self-hosted WordPress and is currently in version 2.0. Best of all, it’s free!
We all know that there are millions of Wordpress users all over the globe. Wouldn’t it be nice to see where they are located? With WPWorldMap.net, now you can!
WPWorldMap.net is a new website created by Oliver Schloebe of WPSeek.com that lets Wordpress users mark their location onto a map for others to see. Each marked location reveals user profiles complete with personal information, a link to their blogs, and also their Twitter accounts.
Powered by Google Maps, the site is relatively easy to use. To map yourself all you need to do is to place a pin marker on your location and then signing up by filling in the required fields on the site’s registration form. It’s so easy that it only takes a few minutes.
Surveying the world map, on the other hand, is as easy as clicking and dragging. You can zoom in and out and even display the world in terrain, map, or satellite form. There’s also a search functionality that let’s you search according to users. You can even add a filter if you just want to display Wordpress users, developers, core developers, Wordpress related companies, or even fans.
The great thing about this new site is that it gives us a good picture of how many Wordpress users there are, not just in the whole world, but also in a particular country or area. This is great tool if you want to find out if there are any Wordpress users near your location which is ideal for making new friends and for blog networking!
But of course, the site needs the cooperation of the community as it cannot populate itself. So if you don’t mind revealing your location to others, why not sign up and map yourself now. Oh, and don’t forget to share it to your friends!
Before, there was no way of finding out whether your plugins would still be compatible if you would upgrade your Wordpress other than crossing your fingers and trying it out for yourself. If no problems were encountered then, hooray, lucky you. If problems did arise then you have no choice but to revert back to the previous version and hope that the plugin developers would make haste in making their plugin compatible.
This is the main reason why most people are afraid to upgrade to the latest version of Wordpress. Thank God Wordpress is always on the lookout for better ways of making things easier for its community. Alas, comes the birth of the Plugin Compatibility Beta.
Compatibility Check
If you would drop by the Wordpress Plugin Directory you would notice that there is a new section titled “Compatibility” found on the right sidebar of every plugin homepage . This is a new feature that aims to help inform people on whether a version of a plugin is compatible on a particular version of Wordpress based on the votes casted by those who have already tested it.
So if you’re not sure whether you should upgrade, just check out the Plugin compatibility consensus of the plugins your using. Though it doesn’t tell us exactly what made the plugin incompatible, at least it gives us a good overview on whether we should continue the upgrade or not.
Powered by the Wordpress Community
Of course, this feature would not work without the input of the community as it is mainly powered by votes. If you do happen to experience any problems with your plugins, then please take the time to inform everyone else! All you have to do is to go to the Plugin’s page and log in to vote.
The voting process is simple. Just specify the version of Wordpress and the plugin and click on whether it is “broken” or if it “works”. After that, Wordpress would automatically log your vote and it will be added to the “consensus” along with the votes of other users.
Wordpress warns users, however, that this feature should not be used to report any minor issues with the plugin. You should only vote “Broken” if the plugin is indeed broken to the point that it is unusable or causes problems with your blog. Otherwise, it might give an inaccurate consensus.
Plugin Compatibility is still in Beta so we should expect more improvements to their system soon. I am hoping that Worpdress would soon integrate this inside the Wordpress Dashboard for easy access.
More power to Wordpress and its community!
What do you think about this new feature? Do you have any other suggestions that could make it better?
Many people thought WordPress 2.8 would be released on June 10th, and only an hour and a half before the end of the day in EDT, my time zone, the button was pressed. WordPress 2.8 “Baker” is out.
2.8 represents a nice fit and finish release for WordPress with improvements to themes, widgets, taxonomies, and overall speed. We also fixed over 790 bugs.
I am looking forward to seeing what plugins and themes break with the new version, as well as what most people think of it. I just started playing around with the 2.8 Release Candidate One today, and so haven’t dived deep into what 2.8 offers, but many say that the improvements, rather than the new features are what makes this release so great.
What’s next? Well, Matt mentions it in the WordPress blog:
We’re already thinking hard about the next versions, 2.9 and 3.0. Keep an eye out for improved media handling, better dependency checking, versioning of templates and themes, and of course the fabled merging of WordPress and MU announced at WordCamp San Francisco two weeks ago.
Try out WordPress 2.8 and let me know what you think of it. I hope that this, unlike most releases, won’t “have” to have a point-one release to fix any glaring security errors.
Today, I logged into Blogging Pro and saw an interesting message that caught my eye: “Akismet has protected your site from 1,034,305 spam”.
I can’t believe that Akismet has protected this blog from over a million spam. Started in October 2005, Akismet has been bundled with WordPress almost since its inception.
Without Akismet, and most other anti-spam tools, estimating a minute for every thirty spam comments, it would have taken me almost twelve full days of time to manage myself, or a few hours each and every month.
It is both sad that we have this problem that needs to be taken care of, and exciting that we have solutions to make our lives easier. Where do you sit with your Akismet spam protection?
So today I hit the road to attend the first annual WordCamp Chicago, an event that is sure to be fun and interesting. Many of the people online that I connect with on a fairly regular basis will be there, some have already arrived in the windy city, while many more will be arriving throughout today and early tomorrow.
My wife is coming along with me, not to attend the conference, but because this might be the only “vacation” we get this year, so more than just the conference, we are going to try to make the most of our trip.
I am looking forward to interacting with the people that attend, and hope that everyone is half as excited as me (I could barely sleep last night, it was like waiting for Christmas morning).
If you want more information on what’s going on, Jeff Chandler has already started a back channel on his WPTavern Forum. This is a great place to list where you’ll be, what you want to do, and what you thought of sessions as we go through the one and a half days.
While there is no plan for video recording of the sessions, Jeff might also be live-streaming some of the sessions over UStream.
Lastly, and most importantly, if you see the guy in the picture with this post, wish him a Happy Birthday. It will be Jeremy Wright’s 30th birthday!
So, as I hope you can all see, Blogging Pro has received a design refresh. After launching our Blogging Pro theme a long time ago as a free to download theme, it seemed only wise to differentiate ourselves from those using that theme. If you are reading this site via a feed reader, it is time to come over and check out the new design.
I have been having some issues with the new theme that I am working on fixing, but they seem to be ingrained into WordPress, and so might take me a little while to rectify.
Other than one or two small issues, I am very impressed with both the design and implementation of this WordPress theme. Designed by James McDonald, the same person that did my site Branding David, James has done an amazing job with the revamp of Blogging Pro.
I am excited to hear what you think of this new design, and going forward, I hope you enjoy the refresh as well. I will talk about the coding process in an upcoming post.
Sidenote/Update: A huge thanks to Sivel in the WordPress IRC chat for helping me through a strange problem I was having.
If you need to be on the “bleeding edge” of WordPress, today is a good day. WordPress 2.8 Beta 1 has arrived. I’d suggest holding off a while before using it for any live blogs/sites, but it has some shiny features, so checking it out is highly recommended.
Just a few of the new features and changes…
-Add CodePress syntax highlighting to Theme and Plugin editors
-Use “Custom Header” for menu text and revise Default theme to reflect change
-Don’t notify post author of own comments
-Allow the dashboard widgets to be arranged in up to four columns as set via the Screen Options tab
-Autosave post/page when pressing Control/Command+S
-Add toggle all button to the Gallery tab in the uploader
-Support more than one gallery on the same page
-Check for new version when visiting Administration > Tools > Upgrade
-Add per page option to Screen Options for comments, posts, pages, media, categories, and tags
-Fix most popular link category list
-Hide email addresses from low privilege users on Administration > Comments
-Enforce unique email addresses in Add/Edit users
I usually wait for the Release Candidate version before playing with new updates much, but I think I’ll test this one out a bit. I’m hearing good things so far.
Anyone else using 2.8 Beta 1 already, and if so, what do you think? Worth dealing with “Beta 1″?
One Comment
If you want more information on what’s going on, Jeff Chandler has already started a back channel on his 
