WordPress Plugins

Security and Backup Essentials for WordPress

WordPress is a cultural phenomenon when it comes to publishing online. What started as a simple blogging tool in 2003 has become the most popular…

How to Add Text before Post Content in WordPress

The benefit of using WordPress to power your blog is that you don’t need to edit any PHP files and can use thousands of ready themes available for free. If you’re like me, you’d rather keep away from major editing of the theme files and use the right assortment of plugins to get the job done. If you’re looking to add text before post content in WordPress, you can either edit your theme files or check out Add to All, a plugin I released a while back.

How to prevent CSRF vulnerability in WordPress plugins and themes

Recently the folks at Secunia contacted me regarding a vulnerability in my plugin Contextual Related Posts.

Contextual Related Posts is a powerful plugin for WordPress that allows you to display a list of related posts on your website and in your feed. The plugin comes with a tonne of options and inbuilt caching that can possibly increase user retention.

This vulnerability was on the settings page of the plugin and opened up the blog to a potential cross-site request forgery (CSRF).

The application allows users to perform certain actions via HTTP requests without performing proper validity checks to verify the requests. This can be exploited to change plugin settings and e.g. insert malicious script to pages or posts when a logged-in administrator visits a specially crafted web page.

Since then, I’ve been scouring the web for material on this, and you might also want to take a look at this article on Crunchify for a solution. In this post, I’ll tell you what I did to fix the vulnerability. But first, let’s understand what CSRF is.

5 lesser known Contact Form plugins for WordPress

Everybody has heard of Contact Form 7 (we use it here on Techtites), and many of you might have got your hands on Gravity Forms. Besides these, there are several other lesser known contact form plugins that make it easy to collect information from your visitors. I’ve highlighted five of these below.