Im a happy user of Easy Digital Downloads and I use it to sell all my plugins,  but a month ago I found a security issue on my site that I would like to share( now that it's resolved) so other people can protect their files. Basically EDD uses htaccess file to protect downloads from unauthorized users but what happens when you use a Nginx server like I do? Well, short answer is nothing, your files are not protected at all. So any smart guy with a bit of research could get your plugins for … [Read more...]

Hi! everyone knows that black friday is coming soon and you are probably waiting to get some great deals soon. Well, let me tell you that in Timersys we are going to do a Black Friday plus!! From right now till Monday all plugins will be available with a 40% discount rate by using the following coupon: BLACKFRIDAY Hurry up and get your WordPress Popup premium extension or try the WordPress Social Invitations. P.S: We are about to release a Geo Targeting plugin, hopefully before … [Read more...]

New WordPress 4.0.1 has just been released to public. The new version  is a critical security release that provides a fix for a critical cross-site scripting vulnerability. Along with this fix, also several bugs were fixed in the new version. Sites that support automatic background updates will be updated to WordPress 4.0.1 within the next few hours. If your site is still on WordPress 3.9.2, 3.8.4, or 3.7.4, it will be updated to 3.9.3, 3.8.5, or 3.7.5 to keep everything secure. If you … [Read more...]

As many of you already noticed we are using https in our site to serve secure content. So I decided to write a post about the steps I did to make this happens. While lot of people is telling to add ssl to rank better in Google, trust me, ssl is not yet implemented in the algorithm but will be probably added soon. Anyway I think it won't be a high coefficient changer. In our case we added it to add an extra security layer to our growing list of clients. The payments are currently being … [Read more...]

We’re getting in touch to inform you about a serious vulnerability in a WordPress plugin discovered last week that can affect multiple sites. This vulnerability allows attackers to access the servers of all sites using older versions of the Slider Revolution and Showbiz Pro (WordPress) plugins by ThemePunch. The vulnerability exists for all versions of Slider Revolution earlier than version 4.2 (released in February 2014) and all versions of Showbiz Pro (WordPress) earlier than 1.5.3 (released … [Read more...]

We are happy to announce that we just release our latest plugin to public! Wpfavs it's a bulk plugin installation tool. How it Works? You first need to download and install the plugin (currently only available on GitHub)  Then you can go to Wpfavs site and browse the existing WpFavs or create your own WpFavs list. Once the plugin is installed on your site you can access to it in the Tools -> Wpfavs menu. From there you have two options: 1- Insert the API key you received when you … [Read more...]

Facebook released their new API v2 with no much new features but we a lot of restrictives policies. Instead of the new Open Graph API I would call it the Close Graph API. On the old API when you are app needed some permissions from the user using it, like the permission to retrieve a list of friends ,  a window was popping up during the login process asking for the needed permissions to the user and end of history. With the new API you first need to ask Facebook for permission to use that … [Read more...]

If you are a happy Woo client, it's posible that it wont be for much more time if you used your credit card in the last year. Their main website was compromised (not their plugins or themes) and the credit card info were stoled during checkout process. They are updating their blog  with all the news regarding this issue but there are already 1000 clients with stolen money on their bank accounts and the number could get higher in the next days. So if you used your credit card on Woothemes.com … [Read more...]