The first plugin I am releasing is more of a security patch. Hopefully this will help to clean up a potential security hole in WordPress, maybe WordPress will include this in their next update.
People I am pinging who should think of installing this:
- A Blog About Nothing : http://www.ablogaboutnothing.com/wp-content/plugins/
- Smemon : http://www.smemon.com/wp-content/plugins/
- John Cow : http://johncow.com/wp-content/plugins/
- ClickaLite : http://www.clickalite.com/wp-content/plugins/
- E-Moms : http://www.emomsathome.com/blog/wp-content/plugins/
- Blogtrepreneur : http://blogtrepreneur.com/wp-content/plugins/
- Matt Cutts : http://www.mattcutts.com/blog/wp-content/plugins/
- Ledger Pad : http://ledgerpad.ath.cx/wp-content/plugins/
I’m sure there are more people on my Google Reader, but these were the first 8 that I checked who had left this potential hole open.
Are you for real ?
There is a potential problem letting people know what plugins you have, or what versions they are. If there is some known exploit that is linked to a plugin, it could be easy enough for someone to use it to their advantage . This could be done in the situation there is an XSS bug. The less a potential hacker can find out about your website, the safer you are. So if you are using WordPress I would recommend you apply the fix.
Upload a blank index.html file in the folder /wp-content/plugins/ . In fact I’ve a copy of one here for you index.htm just click on that to download the file.
I hope this is a help !