WP-Forum Plugin Security Bulletin
WP-Forum Plugin Security Bulletin
If you are currently using the latest release of the WP-Forum plugin, listen up. The websec security team has discovered a vulnerability within this plugin that can be exploited by malicious users to conduct SQL injection attacks. According to Secunia: Input passed to the “user” parameter in the WordPress installation’s index.php script (when “forumaction” is […]
If you are currently using the latest release of the WP-Forum plugin, listen up. The websec security team has discovered a vulnerability within this plugin that can be exploited by malicious users to conduct SQL injection attacks. According to Secunia:
Input passed to the “user” parameter in the WordPress installation’s index.php script (when “forumaction” is set to “showprofile” and “page_id” to a page with the “” tag) is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.
This vulnerability when exploited successfully allows the individual to retrieve usernames, password hashes, and email addresses for all users, including administrators. However, the user has to have knowledge of the proper database table prefix. This vulnerability has been confirmed in version 1.7.4 which is currently the most recent version available for download.
Description:
WP-Forum is a WordPress plugin that enables you to have a forum directly attached to your WordPress installation. The plugin is based on Simple Forum.
[EDIT] We wish the plugin author was notified of the vulnerability and given a chance to fix it, but there was no mention of it in the advisory. So until a fix is released, we suggest that the plugin is disabled and removed.
[EDIT] As pointed out in the comments, not the same as Simple Forum WP Plugin.
WordPress Theme Releases for 1 / 21
Three Column Themes Blue Lily Blue Lily is a three column theme which is quite simple and attractive, the main background is a striking blue with green color for the header. The navigation menu is right on the top of the page making it easily visible. Content area is big enough and has a gray background. There are […]
Three Column Themes
Blue Lily
Blue Lily is a three column theme which is quite simple and attractive, the main background is a striking blue with green color for the header. The navigation menu is right on the top of the page making it easily visible.
Content area is big enough and has a gray background. There are two sidebars which you can use to show off additional information.
Widget Ready: Yes
Compatibility: There were no issues that I saw with this theme on Firefox 2+, IE6, IE7, Flock.
Validations: Valid XHTML 1.0 Transitional | Invalid CSS with 1 error
Demo | Release Page | Download
Blue Dream
Blue Dream is a three column theme with a graphical header and rounded navigational menu on the top of the page. The theme comes built in with RSS icons on top of the page to make it easier to subscribe to feeds.
There are two sidebars which can be used to display additional information and advertisements.
Widget Ready: Yes
Compatibility: There were no issues that I saw with this theme on Firefox 2+, IE6, IE7, Flock.
Validations: Invalid XHTML 1.0 Transitional with 32 errors | Valid CSS
Airborne
Airborne is a three column theme which makes use of clouds in the header and footer sidebar section as a background. The main content area is a bit small which does not allow you to add big images into the content.
There are two sidebars for showing additional content, it also has a footer sidebar where you can add more content allowing you pack all the information like top posts, recent posts etc in a single page.
Note: The release page is in German.
Widget Ready: Yes
Compatibility: There were no issues that I saw with this theme on Firefox 2+, IE6, IE7, Flock.
Validations: Valid XHTML 1.0 Transitional | Valid CSS
Our new addition
The Office of Marketing and Communications is pleased to welcome Gina Prodan, to our Web development team.
The Office of Marketing and Communications is pleased to welcome Gina Prodan, to our Web development team. Gina comes to us from Kent State University where, in her capacity as Senior Web/Editorial Specialist, she worked on—among other things—the award winning Kent State Magazine Web site.
Gina is just settling in right now, getting her computers configured and such, but we’ll soon have her busy building sites, answering questions, and sharing her insights here on the Web Development blog. (In fact I’ll be tagging her to follow up on a blog meme later today.)
WordPress Theme Releases for 1/8
Antropov is a 3-column, light-colored theme built on the Cutline theme. Brilliance is a 2-column theme with a very simple, clean layout and design. Deadwood-lite is a 2-column, minimal theme primed for writers who want to focus their online efforts on readability, pull quotes, and clarity. Dilectio is a 3-column theme with artistic stylings. Hardcover is a 2-column theme […]
Antropov is a 3-column, light-colored theme built on the Cutline theme.
Brilliance is a 2-column theme with a very simple, clean layout and design.
Deadwood-lite is a 2-column, minimal theme primed for writers who want to focus their online efforts on readability, pull quotes, and clarity.
Dilectio is a 3-column theme with artistic stylings.
Hardcover is a 2-column theme with crisp design and typography.
Landis is a 2-column theme with two customizable options for the site title and tagline.
SparkWP is a 2-column, minimalistic, light-on-dark theme.
Webdesign is a 2-column theme with light-blue colors. (Download page is Dutch.)
Why walk alone? is a bright beachscape theme available in 2- and 3-column varieties.
Voice and Tone: Writing to reflect your personality as well as your message (Part 1)
Last week someone posted a question to the WordNerds group regarding the importance of voice and tone in writing. In particular she wanted to know how to convey the importance of voice and tone to colleagues who aren’t professional writers. Not having covered this topic previously I thought I’d give it a go.
Scale of tone? Or is there more to it?
Last week someone posted a question to the WordNerds group regarding the importance of voice and tone in writing. In particular she wanted to know how to convey the importance of voice and tone to colleagues who aren’t professional writers. Not having covered this topic previously I thought I’d give it a go.
Voice and Tone, is there a difference?
After prowling the Web looking for various references on the subject I’ve found that opinions differ on this. Some treat the terms interchangeably, while others see key distinctions. For the purpose of this blog, I will define voice to represent the personality and/or style of the writer and tone to reflect the mood or attitude of the writing in relation to its audience and goal. Today I’ll focus on tone.
Tone and formality
Writers often think of tone as a measure of formality, striking a more serious mood and style for an academic paper, a not-as-serious mood (the equivalent of business casual clothing) for an informative blog entry and a light mood and casual style for an e-mail to a friend. They do this in regard to their audience and publication as though there were a corresponding scale that shows that serious, matter-of-fact writing is taken more seriously by peer-reviewed journals and professors, while a laid-back tone is more welcomed by friends.
While this makes sense to a degree, I’m not sure that such a scale is accurate. When deciding whether a writer is well-informed and making a good case, I’m more likely to consider how the information is organized, the logic of the arguments made, and any related sources, than I am the seriousness of tone. Where I will consider the tone is when it comes to readability. Is the piece so dry that I’m asleep before I finish? Does it match the subject matter? Is it appropriate to the message or does it make the writer seem disingenuous? Some writers will strike a serious tone to seem more authoritative, when in fact that tone seems false, making us question—rather than trust—the authority.
When matching seriousness of tone to audience it’s equally important to match the tone to our goals. Are we writing to inform? To persuade? To warn? To amuse? To console?
If I were writing guidelines for the safe-handling of sodium, my first instinct might be to take a very serious tone. Sodium is dangerous, it shouldn’t be touched by human hands, mixed with water, bla bla bla. Yet, if I’m giving these guidelines to students, I want them to pay attention, both to keep them safe and to keep them interested. While I want to make sure they don’t hurt themselves, I also don’t want to scare them away from the study of chemistry. Rather than just giving them somber warnings about explosions, perhaps it would be appropriate to follow the example of Theodore Gray—who documented his sodium party experiments in text and video. Gray’s tone is moderately serious with a hint of humor, clearly demonstrates the dangers of sodium, yet still makes one want to learn more about it. Had he kept his tone too serious or dry no one would have paid much attention, but by striking the right balance, his story was passed along and mentioned in Slashdot and other media.
Tone and attitude
To be serious, or not, is but one measure of tone. Plenty of people stop there, but I think there is much more to it. Humorous writing may be sarcastic, flippant, silly or ironic (among others). Complaints can be angry, bitter, sad, cautious, polite, intense, etc. Tone comes in a wide range of attitudes, some of which may overlap. This is where things get tricky. It’s (relatively) easy to write something that sounds serious and professional. That’s the tone I’ve used so far today. But have I struck the right mood? In taking a straightforward approach to the topic, am I sounding condescending or collegial? Pedantic or informative? Have I so bored you that you’re now asleep—dreaming that your lobster ice-cream franchise failed because you just couldn’t compete with your rival’s spicy crab cones?
These are the questions I must ask myself. When I re-read something, I’ll question the mood. Is it too dry? Too goofy? Too dark? Does it suit the topic? Will it engage the reader? Today the fight has been to avoid being too dry or condescending. My goal is to offer some friendly advice, not to come off as some authoritarian know-it-all. To capture the right mood, I’ll need to keep tweaking things. I’ll replace sentences like:
“Writers are often confounded by such nuances.” (Man, that sounds pompous.) with “This is where things get tricky.”
Then I’ll make sure that I’ve used contractions and added a few quirky ideas—such as the bit about the lobster ice-cream. Perhaps I’ll also switch perspective. Notice how the bits I’ve written in first person seem more friendly than those in third person? Vocabulary, perspective and punctuation can all color the tone of the text. With that in mind I’ll keep reading and tweaking until it sounds good enough to post. Good enough depends on your objective—given my time restraints I’ll spend less time polishing a blog entry than I might an article for print publication. (That’s my disclaimer in case I still didn’t get the mood spot on!)
Recommendations
Choosing a tone, writing, then editing to reflect that tone seems to be what works best for me. It also helps to let someone else read your work. They may notice an attitude that you didn’t. When they suggest a change to a word or phrase, take it under consideration. As writers we’re often protective of our work, but if we’re writing to be read, then we need to listen to our readers. They won’t always be right, but they won’t always be wrong either. Viewing your work through their eyes, will give you a new perspective, and often some very good ideas.
Also remember, you don’t always have to sound serious to be taken seriously.
Voice and Tone Resources
- A Word About Style, Voice, and Tone
- At the Sound of Your Tone…Part 1
- Individual and Appropriate Voice
- The difference between tone and voice
- Thinking Rhetorically: Consider Your Voice, Tone, and Persona
- Tone: A Matter of Attitude
- Tone in Business Writing
To learn more, read Part 2: Voice