WPTavern is looking for contributors

Back in January, Jeffro announced that WPTavern may no longer be regularly updated. However, over the past few weeks, I’ve been following the new posts at the blog by the new owner. And, yesterday WPTavern opened its doors to writers worldwide to contribute to making the website a highly successful WordPress community.

How to prevent CSRF vulnerability in WordPress plugins and themes

Recently the folks at Secunia contacted me regarding a vulnerability in my plugin Contextual Related Posts.

Contextual Related Posts is a powerful plugin for WordPress that allows you to display a list of related posts on your website and in your feed. The plugin comes with a tonne of options and inbuilt caching that can possibly increase user retention.

This vulnerability was on the settings page of the plugin and opened up the blog to a potential cross-site request forgery (CSRF).

The application allows users to perform certain actions via HTTP requests without performing proper validity checks to verify the requests. This can be exploited to change plugin settings and e.g. insert malicious script to pages or posts when a logged-in administrator visits a specially crafted web page.

Since then, I’ve been scouring the web for material on this, and you might also want to take a look at this article on crunchify for a solution. In this post, I’ll tell you what I did to fix the vulnerability. But first, let’s understand what CSRF is.


How to delete unused or less used post tags in WordPress

If you’ve been running a multi-author blog like us, over a period of time, you’ll see your list of tags growing exponentially. When I reviewed the number of tags on Techtites today, I noticed that this was well over 1,100 tags!

So, I went into the Tags interface and immediately realised that I’m going to spend an hour just deleting and cleaning up tags.

There are a few WordPress plugins available that allow you to manage tags and categories, including Term Management Tools. However, there isn’t a good free plugin to delete and clean up tags.

So, with a bit of googling, I came across a SumTips post. If you have access to your database via phpMyAdmin or a similar tool, then it will take you less than a minute to delete unused or unpopular tags.

If you proceed beyond this step, please be extremely careful. Playing with your database table is risky and can break your entire site!


5 lesser known Contact Form plugins for WordPress

Everybody has heard of Contact Form 7 (we use it here on Techtites), and many of you might have got your hands on Gravity Forms. Besides these, there are several other lesser known contact form plugins that make it easy to collect information from your visitors. I’ve highlighted five of these below.

10 Free High Quality WordPress Themes for 2013

I usually spend a good amount of time hunting for themes for WordPress, mostly discarding many just because they don’t fit the theme or the site or just don’t look good. The WordPress repository is the best place to start, but requires you to invest some time checking and testing out the themes to find the one. Below is a list of WordPress Themes that have been released in 2013 and stand out because they look good!

On-Page SEO Checklist for WordPress Blogs

Today in the world of competition, it’s very difficult to beat someone without using resources like money, manpower and skills. The field of blogging is just like the practical world, where everyone wants to be on top of the list and wants to earn more than others. The competition goes on, and with the passage of time you’ll see an increase in competitors; the ratio of increasing competition is higher than decreasing.