Comments on: Insecure Way to Upgrade to WordPress 2.3

By: BackUpWordPress 0.4.4 security fix | WordPress Designpraxis

BackUpWordPress 0.4.4 security fix | WordPress Designpraxis — Fri, 02 Nov 2007 16:45:57 +0000

[...] has a fix for a very critical security vulnerability reported by Alexander Concha, who already helped before improving BackUpWordPress. Thanks [...]

By: Roland Rust

Roland Rust — Wed, 26 Sep 2007 20:55:55 +0000

Alex, I’m happy to see some WordPress core developers having a look at my plugins. I have set up a forum (http://wpforum.designpraxis.at/) for support, bug reports, troubleshooting etc., if you happen to run into more security issues with my stuff, please let me know!

By: alex

alex — Wed, 26 Sep 2007 15:30:42 +0000

Well done Roland!, I didn’t answer before because I was sleeping

By: Roland Rust

Roland Rust — Wed, 26 Sep 2007 07:48:10 +0000

Alex, a bug-fix release of BackUpWordPress was released this moment. The plugin’s backup repository is now secured by .htaccess. I also have added capabilities to the Plugin, to allow the blog admin to download backup archives.
Thans a lot for pointing out security issues in BackUpWordPress!

By: Roland Rust

Roland Rust — Wed, 26 Sep 2007 05:32:54 +0000

Alex, BackUpWordPress is a beta release, I haven’t had too much support from experienced WordPress users until now. Please tell me more about the vulnerabilities you find in the plugin. Thanks a lot in advace!

By: David Kierznowski

David Kierznowski — Tue, 25 Sep 2007 18:08:55 +0000

I hope you keep us in the loop champ! I think BlogSec may even sponsor this plugin, it may have some bugs, buts its an absolutely awesome project!

By: alex

alex — Tue, 25 Sep 2007 16:32:41 +0000

David, is not public yet, however I do not plan to write any advisory.

By: David Kierznowski

David Kierznowski — Tue, 25 Sep 2007 15:43:23 +0000

Alex, why am I not surprised you have another vulnerability to share
Is the vul public?