By Brandon

Brandon is a jack-of-all-trades. He got started programming with ActionScript and now spends most of his time in the WordPress Codex.

La Aventura Del Amor

Last Tuesday evening, Jeffrey and I participated in the 3rd Annual Krochet Kids international Gala. We knew that it was going to be awesome, but had no idea how much progress they have made in their efforts in Uganda. They announced that 2010 will officially mark the year that their program in Uganda was fully sustained by hat sales alone. This is a HUGE accomplishment for them. Not only are they a huge success story, but they continue to expand their business and grow as human beings.

Read more

Introducing…”Social Me”

I gave another demo of the Social me plugin this evening at the Orange County WordPress meetup. It went over well, so I think it's ready enough to get it in your hands. (don't forget to follow Jeffrey's tips on backing up WordPress before installing it). Hopefully getting it out in the wild a little bit will encourage other developers to get involved. If you're not a coder, but believe in the idea, the best thing you can do is give us your feedback so we can improve the plugin. The links to the download are after the jump.

Read more

(PLUGIN) Conversation Manager

Plugin-IconIt has been said that the majority of readers don’t comment on blog posts because they don’t feel like they have anything specific to add to a conversation.

This plugin allows you to prompt your readers to comment by asking them to answer a question specific to that post. A simple box with text that you define when writing your post is added above the comment form. The box can be styled to match your site by adjusting some predefined options. Read more

Secure WordPress with 2.8.6

upgrade-wordpressWordPress 2.8.6 was released today. It includes some security fixes for vulnerabilities found by WordPress users.

As always you can get the newest version of WordPress from the WordPress.org download page. We recommend always upgrading WordPress to the latest stable version available. If you don’t have the time or don’t know how, you can always hire us to make the upgrade for you. Just fill out the form on our “need help?” page and we’ll be in touch.

2.8.6 fixes two security problems that can be exploited by registered, logged in users who have posting privileges.  If you have untrusted authors on your blog, upgrading to 2.8.6 is recommended.

The first problem is an XSS vulnerability in Press This discovered by Benjamin Flesch.  The second problem, discovered by Dawid Golunski, is an issue with sanitizing uploaded file names that can be exploited in certain Apache configurations. Thanks to Benjamin and Dawid for finding and reporting these.