WordPress 4.0.1 Security Release

WordPress 4.0.1 is now available. This is a critical security release for all previous versions and we strongly encourage you to update your sites immediately.

Sites that support automatic background updates will be updated to WordPress 4.0.1 within the next few hours. If you are still on WordPress 3.9.2, 3.8.4, or 3.7.4, you will be updated to 3.9.3, 3.8.5, or 3.7.5 to keep everything secure. (We don’t support older versions, so please update to 4.0.1 for the latest and greatest.)

WordPress versions 3.9.2 and earlier are affected by a critical cross-site scripting vulnerability, which could enable anonymous users to compromise a site. This was reported by Jouko Pynnonen. This issue does not affect version 4.0, but version 4.0.1 does address these eight security issues:

– Three cross-site scripting issues that a contributor or author could use to compromise a site. Discovered by Jon Cave, Robert Chapin, and John Blackbourn of the WordPress security team.
– A cross-site request forgery that could be used to trick a user into changing their password.
– An issue that could lead to a denial of service when passwords are checked. Reported by Javier Nieto Arevalo and Andres Rojas Guerrero.
– Additional protections for server-side request forgery attacks when WordPress makes HTTP requests. Reported by Ben Bidner (vortfu).
– An extremely unlikely hash collision could allow a user’s account to be compromised, that also required that they haven’t logged in since 2008 (I wish I were kidding). Reported by David Anderson.
– WordPress now invalidates the links in a password reset email if the user remembers their password, logs in, and changes their email address. Reported separately by Momen Bassel, Tanoy Bose, and Bojan Slavković of ManageWP.

Version 4.0.1 also fixes 23 bugs with 4.0, and we’ve made two hardening changes, including better validation of EXIF data we are extracting from uploaded photos. Reported by Chris Andrè Dale.

We appreciated the responsible disclosure of these issues directly to our security team. For more information, see the release notes or consult the list of changes.

Download WordPress 4.0.1 or venture over to Dashboard → Updates and simply click “Update Now”.


New Design at C-odonoghue.com

We have a brand new layout over at C-odonoghue.com, a Colin O’Donoghue fansite, made by Gemma.

Check out the site to keep up to date on all you need to know about Colin and don’t forget to also visit our gallery where we currently have over 28’000 images. Thank you for visiting and please return to us daily. Also don’t forget to follow us on Twitter and Tumblr.


H-Panettiere.com Has a New Look!

http://kepfeltoltes.hu/140825/ujj_www.kepfeltoltes.hu_.png

H-Panettiere.Com, your daily source about the Nashville’s star has a brand new layout! If you like the actress,  check our new look on h-panettiere.com, which is the biggest and best Hayden Panettiere fansite. You can find us on Facebook too.


LucyWeb.Org Has a New Look

http://kepfeltoltes.hu/140725/newdd_www.kepfeltoltes.hu_.png

LUCYWEB.ORG, your daily resource about the Pretty Little Liars’s star has a new brand and layout! If you like the actress, check our new look on lucyweb.org, which is the biggest Lucy Hale Fansite. You can find us on Facebook too.


Portal Megan Fox has a new look

Hello Meganiacs!

Portal Megan Fox your daily resource about the Teenage Mutant Ninja Turtles star has a new layout!

Be sure to check our site and our gallery, and follow us on Twitter, Tumblr, and like our Facebook page!

Enjoy your browsing! xoxo


Desiring Jamie Dornan has new layout!


The Spanish fansite about the actor/model Jamie Dornan has new look. Check it out and visit us in our fansite and gallery. www.jamie-dornan.es


New Design at c-odonoghue.com

We have a new layout over at the newest Colin O’Donoghue fansite, c-odonoghue.com, made by the lovely Gemma. Please visit the site and don’t forget to follow us on Twitter and Tumblr. Feel free to leave a messages in our chatbox as well.


Kerry-WashingtonFan.Us Back with a Whole New Look!

Kerry Washington Fan finally released our new more right to the Kerry Edition Layout!


I am happy to release that the new layout and it features a more inviting look with all the #scandal related headlines at top in a convenient post slider and the responsive navigation with our new offical logo below and a professional white box below featuring new photos on the left and new videos on the right and the not scandal related Kerry Washington related post on the middle and this website layout is responsive so grab your devices (Ipads, Iphones, Androids) so you can still keep updated with a fast easy to navigate site, & lets not forget a matching gallery theme.

Please go here to enjoy the new gallery look – View

Also we would like to invite all our site fans as well as other #Gladiators to follow us on twitter @KerryWashingfan and Like us on facebook @KerryWashingtonfan

Thank you and hope you enjoy the site!


ASAP Rocky Daily Website & Gallery Is Back!

The biggest and greatest fan ran A$AP Rocky fansite is back and bigger than before! The official website asaprockydaily.com and the gallery asaprockydaily.com/gallery both have brand spanking new looks!

The website will now be updated daily and the gallery has over 1000+ photos (450 HQ) and more are being added daily! Check out asaprockydaily.com for the latest news on A$AP Rocky. Make sure you visit the website!

Also make sure to follow A$AP Daily on Twitter and Youtube.


Mandatory Upgrade

Dear Users,

we would like to announce that the newest version of WordPress has been released (2.8.5). The headline changes in this release include:
• a fix for the Trackback Denial-of-Service attack that is currently being seen,
• removal of areas within the code where php code in variables was evaluated,
• switched the file upload functionality to be whitelisted for all users including admins,
• retiring of the two importers of Tag data from old plugins.

We would recommend that all sites are upgraded to this new version of WordPress to ensure that you have the best available protection.

Do not forget to upgrade all your scripts, especially Coppermine, because many of you use old versions which is not a good idea at all.