A content injection vulnerability exists in WordPress 4.7 and 4.7.1. If you are running either of these versions of WordPress, you need to update to 4.7.2 as soon as possible. What is the vulnerability, and how do I protect against it? This post aims to answer many of the questions.
Category: WordPress basics
WordPress 4.2 introduced a new emoji feature which many were quick to criticise, partly because large parts of the WordPress user community simply didn’t want emoji support, but from what I can gather from forum threads like this, the ugly code it left behind was just not necessary, especially as a core feature that can’t be disabled through the CMS. Don’t worry it can be removed easily.
There’s sometimes scenarios where you want to disable the WordPress dashboard for certain users such as subscribers. You may also want to disable the admin bar for subscribers too.
This isn’t an uncommon scenario, this post tells you how to both disable the WordPress Dashboard for subscribers and disable the admin bar.
The only issue I find is that Yoast SEO doesn’t take content in ACF fields into account when it comes to checking a post for its SEO quality. It’s very easy to get Yoast SEO to check ACF fields though.
It’s easily done, we forget the password for a WordPress account, or get asked by a client to reset it. What happens if you don’t have access to the email account for that user?
You may just want to reset it without having to use the ‘forgotten password’ link where you then have to log into email accounts and then change it from a randomly generated one. If you have access to the database, there’s a simple way to do this. Read on to learn how to reset WordPress password from the database.
Reset WordPress password using a MySQL command
In this example, I am going to assume that you are resetting the main Admin password (usually ID 1). Double check this first, and always use a secure password. Assuming the user ID is 1 and the new password is ‘nUp@ssw0rd’, run:
UPDATE wp_users u SET u.`user_pass` = md5('nUp@ssw0rd') WHERE u.`ID` = 1
WordPress uses a function called md5 which creates the hash for a given input so passwords aren’t stored in plaintext. Any comments or questions, sound them below.