
jQuery, Maps, Paypal, Classifieds and Vthemes Plugins Updates


Here are five updated plugins that bring new features and security patches.

  • jQuery plugin 1.3.1: Allows you to display images in a lightbox and more
  • Maps plugin 1.2.3: Displays Google Maps on your website, as well as markers and overlays
  • Paypal plugin 1.4.3: Open your shop to sell files, subscriptions, and articles.
  • Classifieds plugin 1.2: Publish classifieds in minutes.
  • Vthemes plugin 1.5.3: View the different themes available for your site.

Because some code exploits were discovered in the TimThumb script, which is included in all of these plugins, please update as soon as possible. See the Downloads section.

If you do not want to or cannot upgrade any of those plugins due to your Geeklog version, please at least replace all your timthumb scripts:

  • public_html/classifieds/timthumb.php
  • public_html/jquery/timthumb.php
  • public_html/maps/timthumb.php
  • public_html/paypal/timthumb.php
  • public_html/vthemes/timthumb.php
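
To confirm that every copy listed above was actually replaced, the following added example (not part of the original post or of Geeklog) checks the five paths and reports the version each script declares. It assumes timthumb.php declares its version with a `define ('VERSION', '...')` line; the function names are hypothetical.

```shell
#!/bin/sh
# Added example: audit the five TimThumb copies named in the post.
# Assumption: the script declares its version as  define ('VERSION', 'x.y');

# Print the version declared in one timthumb.php (empty if none is found).
timthumb_version() {
    sed -n "s/^[[:space:]]*define[[:space:]]*([[:space:]]*['\"]VERSION['\"][[:space:]]*,[[:space:]]*['\"]\([0-9][0-9.]*\)['\"].*/\1/p" "$1" | head -n 1
}

# Classify one path: "missing", "unknown", "outdated <ver>" or "ok <ver>".
classify_timthumb() {
    f=$1
    [ -f "$f" ] || { echo "missing"; return 0; }
    ver=$(timthumb_version "$f")
    [ -n "$ver" ] || { echo "unknown"; return 0; }
    major=${ver%%.*}
    if [ "$major" -ge 2 ]; then
        echo "ok $ver"
    else
        echo "outdated $ver"
    fi
}

# Check all five plugin paths under a web root (default: public_html).
# Returns 1 if any copy is pre-2.0 or has no recognisable version line.
# A missing file is not flagged: that plugin is simply not installed.
audit_timthumb() {
    root=${1:-public_html}
    rc=0
    for plugin in classifieds jquery maps paypal vthemes; do
        path="$root/$plugin/timthumb.php"
        state=$(classify_timthumb "$path")
        printf '%-45s %s\n' "$path" "$state"
        case $state in
            outdated*|unknown) rc=1 ;;
        esac
    done
    return "$rc"
}

# Run the audit when a web root is given on the command line.
if [ "$#" -gt 0 ]; then
    audit_timthumb "$1"
fi
```

A copy reported as "unknown" should be inspected by hand, since the version line may have been edited or the file may not be TimThumb at all.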

Here are a few enhancements in TimThumb 2.0:

  • Includes the ability to take website screenshots if you have Xvfb and CutyCapt installed. (Instructions for this are included.)
  • All filters and resizing can be applied to website screenshots.
  • The cache directory is now secure and is still public for flexibility across platforms.
  • TimThumb creates index files in your cache to prevent directory listings.
  • Filenames are more randomized using data that a hacker doesn’t have access to, making it very hard to guess filenames in cache and access them.
  • Cache files have a .txt extension which means the web server won’t execute them.
  • All cached files have a fixed length record at the beginning which, if a web server tries to execute them, will be interpreted as PHP code and will cause an immediate exit.
  • It includes file locking when files are created in cache to avoid conflicts.
  • The entire code base has been rewritten and refactored for better code scalability.