twentythree7

design, faith, web, photography… life

Mar 23, 2007

Security Update, WP-Cache NoSymlink 2.1.1

Ricardo Galli has released, today, a security update for his popular plugin, WP-Cache 2:

“It contains a security fix from Alex Concha to avoid CSRF attacks directed to admin pages which can inject wrong values into the configuration form, which can allow XSS attacks if those fake values are saved into the configuration file.”

I have, therefore, made the necessary adjustments, and have released WP-Cache NoSymlink 2.1.1. Please be sure to update to close this vulnerability.

Because of the adjustments, this plugin now only works in Wordpress 2.0 and above.

Warning: this version uses control functions only available in Wordpress >= 2.0. It won’t work with previous WP versions.

Technorati Tags: , , ,

One Comment, Comment or Ping

  1. Gaurav

    Hi Thank you very much for fixing this noSymlink.

    I’ve one suggestion for your great plugin make it also Gzip enable.

    Is there any way to make wp-cache and eAccelerator Plugin both work together i.e simultaneously.

    Do give feedback to me if possible at my email id.

    I would much appreciate.

    Rds, Gaurav

    Jul 21st, 2007

Reply to “Security Update, WP-Cache NoSymlink 2.1.1”

Catgories

Browse by topic.

Friends

These sites are pretty cool. You should visit them, because I like them.

Subscribe

Stay updated on my wandering, and sometimes sparse, thoughts via RSS (Syndicate).

Proudly Hosted By

Paying the Bills

A feeble attempt to recoup hosting fees.

A Random Image