wordpress

Update WordPress Installations to >4.7.2

This post is applicable for hosted wordpress installations where auto-updates are disabled.

Yesterday, I noticed there was blog post “Hacked by Unknown” on Askdba blog.

Post was written by White Hat Hacker who exploited the Content injection vulnerability in 4.7.0 and 4.7.1. This vulnerability allows any visitor (unauthorized user) to assume role to edit/create blog posts  Since auto-updates were disabled , security patches had to be applied manually.
I had disabled auto-updates  as it had broken my WordPress installation. But I have enabled it now and would recommend all to ensure that they upgrade their installations manually or enable auto-updates .

In case auto-updates were disabled, you can enable auto-updates by removing following line from wp-config.php

define( ‘WP_AUTO_UPDATE_CORE’, false );

More details regarding this vulnerability can be found  here

14 May, 2017 by Random 0

WordPress 2.8 “Baker” Released

WordPress version 2.8 has been released. Following link contains video demo of changes in V2.8.

I found option of installing theme directly from WordPress themes the coolest feature. It is not new for people using the free wordpress account’s  but for people using wordpress on their own domains had to first download the theme from net and then ftp back to their  hosting server (I am using yahoo webhosting which provides only ftp access , no ssh access). 

I do not see any note on how to Upgrade V2.7.1 to V2.8. If you try using the WordPress Automatic upgrade tool in V2.7.1, it gives a message that ” You are already on latest Release”. Anyways I am looking forward to upgrading it to V2.8 asap as it gives me option of trying out new themes 🙂 . In case anyone find’s any article on how to do it, then do let me know.

Update : – Now Upgrade link has come up on Dashboard ..May be the developers forgot about it initially 🙂

– Amit

11 June, 2009 by Random 0

Upgrade to WordPress 2.7.1

WordPress 2.7.1 is out..While using upgrade button, it will be stuck at downloading files and will not proceed further. This issue will be faced by people using “Automatic Upgrade” plugin available in prior release. You need to disable the plugin and then re-try the operation. Also note that you have to take a “Backup ” of database as the plugin does not take automatic backup.

WordPress Automatic Upgrade plugin did not work for me , as this gave message for my 2.7 installation

“Congratulations!!! Your WordPress version is already up to date”

So you can easily go ahead and disable this plugin and use the Upgrade option available with WordPress 2.7

Cheers
Amit

12 February, 2009 by Random 0

Disclaimer!!

This blog reflect our own views and do not necessarily represent the views of our current or previous employers.

The contents of this blog are from our experience, you may use at your own risk, however you are strongly advised to cross reference with Product documentation and test before deploying to production environments.

Subscribe to Blog via Email

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Join 188 other subscribers