A content injection vulnerability exists in WordPress 4.7 and 4.7.1. If you are running either of these versions of WordPress, you need to update to 4.7.2 as soon as possible. What is the vulnerability, and how do I protect against it? This post aims to answer many of the questions.
WordPress 4.2 introduced a new emoji feature which many were quick to criticise, partly because large parts of the WordPress user community simply didn’t want emoji support, but from what I can gather from forum threads like this, the ugly code it left behind was just not necessary, especially as a core feature that can’t be disabled through the CMS. Don’t worry it can be removed easily.
There’s sometimes scenarios where you want to disable the WordPress dashboard for certain users such as subscribers. You may also want to disable the admin bar for subscribers too.
This isn’t an uncommon scenario, this post tells you how to both disable the WordPress Dashboard for subscribers and disable the admin bar.
So I was given the brief “design and build a really cool website with the wow factor”. This was a tough brief, not only because I knew expectation was high, but because the client was a family friend and I was doing the site as a favour. Find out about the new WordPress website I built them.
The only issue I find is that Yoast SEO doesn’t take content in ACF fields into account when it comes to checking a post for its SEO quality. It’s very easy to get Yoast SEO to check ACF fields though.
It’s easily done, we forget the password for a WordPress account, or get asked by a client to reset it. What happens if you don’t have access to the email account for that user?
You may just want to reset it without having to use the ‘forgotten password’ link where you then have to log into email accounts and then change it from a randomly generated one. If you have access to the database, there’s a simple way to do this. Read on to learn how to reset WordPress password from the database.
Reset WordPress password using a MySQL command
In this example, I am going to assume that you are resetting the main Admin password (usually ID 1). Double check this first, and always use a secure password. Assuming the user ID is 1 and the new password is ‘nUp@ssw0rd’, run:
UPDATE wp_users u SET u.`user_pass` = md5('nUp@ssw0rd') WHERE u.`ID` = 1
WordPress uses a function called md5 which creates the hash for a given input so passwords aren’t stored in plaintext. Any comments or questions, sound them below.
The year that I’ve been running this blog has been great fun, and its proved beyond reasonable doubt that a Raspberry Pi can run WordPress very reliably, providing some preliminary steps are taken prior to installing Apache, PHP and MySQL. There’s a new platform now, and it’s time to test yet again what a Raspberry Pi can do.