Tag: wordpress

WPtouch: Mobile Plugin + Theme for WordPress

I’ve just installed WPtouch 1.9.8.1 (ZIP) which was released  on Feb 9 and I really like it:

More than just a plugin, WPtouchTM is a mobile theme for your WordPress website. Modelled after Apple’s app store design specs, WPtouch loads lightning fast and shows your content beautifully, without interfering with your regular site theme.

WPtouch automatically transforms your WordPress blog into a web-application experience when viewed from an iPhoneTM, iPod touchTM, AndroidTM, or BlackBerry StormTM touch mobile device.

via WPtouch: Mobile Plugin + Theme for WordPress » BraveNewCode Inc..

WordPress 2.8.3: Quick-fix for admin lock-out security problem

Problem description (In WP 2.8.3 and earlier, the admin password can be reset remotely without WordPress generating a new one, locking-out the admin):

[Full-disclosure] WordPress <= 2.8.3 Remote admin reset password

For a quick-fix, see:

http://core.trac.wordpress.org/changeset/11798

i.e., in wp-login.php, replace the line

if ( empty( $key ) )

with

 if ( empty( $key ) || is_array( $key ) )


If your WordPress installation has been hacked already, here’s an emergency password reset script you can use to reset and regenerate your admin password.

A German explanation of the security bug and how to fix it can be found on heise online:

Lücke in WordPress ermöglicht Aussperren des Admins

[Update 20090812: Now that a security update is available, users are advised to update to WordPress 2.8.4]