Archive for the "Security" Tag

Filed in: , , , ,
Posted On: 2009 / 03 / 26

Best practices when it comes to writing plugins is a frequently asked question on the wp-hackers mailing list. Good news: Mark Jaquith, one of the WordPress core developers, has an ebook planned: Too many WordPress plugins have security issues. Solution: I'm writing a short e-book on how to write secure WordPress plugins. I'll buy.[...] → Read more

Filed in: , ,
Posted On: 2008 / 10 / 25

I've just noticed this (new, I guess) kind of warning on Gmail: "this account is currently being used in 1 other location at this IP" This is a welcome feature. I really wished Gmail would add more paranoid and security related notes and items like this one. I (most of us?) have most of their […][...] → Read more

Filed in: , , , ,
Posted On: 2007 / 12 / 25

This is a truly scary story : David Airey got his domain stolen because of a GMail vulnerability. Short story: it was (seems it's fixed) possible to create filters on Gmail just by visiting a link or, say, loading a hidden frame on a malicious website. Like, create a filter to forward to any […][...] → Read more

Filed in: , , , ,
Posted On: 2006 / 02 / 23

I've updated the popular Click Counter Plugin, now available in version 1.02 This is a security upgrade, fixing a potential SQL injection exploit that was discovered by Dougal Campbell (many thanks to him for this notice). To be honest, I tried for half an hour to break things with various SQL injections and XSS attempts, […][...] → Read more