TimThumb WordPress Security Vulnerability

Zero Day Vulnerability in Many WordPress Themes

TimThumb is a popular image resizing utility used on millions of sites worldwide. It is inherently vulnerable because it allows hackers to upload and execute arbitrary PHP code in your timthumb cache directory. To prevent this from happening, it is urgent that you either update your TimThumb script [...]

WordPress Security Essentials Class in Boulder

Please join me for this class on WordPress Security Essentials, Tuesday, July 13, 2010, at the new Boulder Digital Arts studio. Use discount code BDA-Instructor-2010 to receive 10% off the class. WordPress is an easy, powerful way to build and maintain a website.  This flexible, highly customizable content management system (CMS) is ideal for blogs, [...]

Do you upgrade all of your clients' sites every time a new version of WordPress comes out?

Q: If you develop websites with WordPress for clients, what do you do about upgrading their sites? Do you upgrade all of your clients' sites every time a new version of WordPress comes out? Do you only upgrade when there’s a security risk? Do you tell your clients before you start that you will be [...]

7 Things to Keep in Mind When Assessing the Security Risk of Using WordPress as a CMS

The other night, I was part of a panel discussion at Boulder Digital Arts about WordPress. We had three panelists: me, Bethany Siegler of UniqueThink.com, and Douglas Wray of MacWebGuru.com. In the middle of the presentation, someone asked: A programmer friend of mine suggested that I should use a lesser known CMS because WordPress is [...]