Plugin Update

Oct 8, 2007

Filed Under: WordPress

If you’re a fan of the FeedBurner FeedSmith plugin, which redirects all of your original WordPress feeds to FeedBurner you’ll want to upgrade immediately as a potential security vulnerability had been uncovered.

Some WordPress plugins that permit the entry of user-entered values, such as older versions of FeedSmith, can be vulnerable to what is called a “cross-site request forgery.” Without getting overly technical, this permits someone to change WordPress plugin settings on your system without you noticing during the time you are signed into your WordPress control panel. And no one wants that.

You can get version 2.3 of the plugin from FeedBurner here.

2 Comments so far. Click here to join the discussion!

Werner Patels

I have really grown wary of plugins and widgets. Not only do they pose a risk, as your story shows, but they also tend to slow down the download of one’s blog.

Oct 8th, 2007
Len Kutchma

Hi Werner,

Actually I’ve never been a huge fan of widgets as I prefer hand coding. With respect to plugins they certainly can be exploited. WordPress, being coded in PHP, can be somewhat vulnerable to unscrupulous persons.

And I agree that too many gadgets can adversely affect load times.

Oct 8th, 2007

Reply to “Plugin Update”

Please note: Comment moderation is in effect. It may take some time for your comment to appear. There is no need to resubmit it.

Off-topic comments, personal attacks, obvious spam and support requests will likely not make it out of moderation. This site does not necessarily endorse or agree with comments left here.

Please Note

Due to my inbox becoming overwhelmed please forward support requests to the WordPress Support Forums. This blog is my personal space and I'll not respond to support requests here. Comments along the same lines will not make it out of moderation. Thanks for your understanding.

Pages

All internal pages

Great Reads

Friends of RiteTurnOnly.com

Welcome

Welcome to riteturnonly.com where you will find musings on a variety of topics. While the main emphasis of this site is politics I've been slowly shifting the focus away to other things most notably WordPress.

We are a member of the Blogging Tories Network, home of Canada's finest bloggers. Subscribe to the BT podcast using your favourite podcast software. Want to be a part of the most dynamic political discussion in cyber-space? Join the Blogging Tories Forum here.

Please select a video below from the archives of the Blogging Tories.

Back On The Air!

Live weekly show featuring the movers and shakers of WordPress.

Just Say No!

To themes using obfuscated code.

Powered By ...

Is there anything else? Anil...?

Ad Free Zone

This blog is an ad free zone. We do not accept advertising nor do we write sponsored reviews or other such nonsense. The material contained herein has not been influenced by outside parties.

Credits

RiteTurnOnly.com is proudly powered by WordPress and is hosted by EZ Web Hosting. WordPress logo courtesy AOD Design. WordPress button courtesy WordPress. Icons courtesy famfamfam.

The splendid Grid Focus by Derek Punsalan 5thirtyone.com. Sliced, diced and otherwise modified by yours truly.

Disclaimer

This blog is not affiliated with the Conservative Party of Canada nor is it endorsed by them. The views and opinions expressed herein are that of the author and are not related to any political party, organization or individual.