Wordpress Uploader: Security Update
Thanks to a tip from one of our users, we’ve located and patched a potential security hole in one of our most popular offerings, the DivShare Uploader Plugin for Wordpress. Because the way your account is verified has changed, you’ll need to upgrade to version 1.1 immediately to continue using the plugin. Here’s the download link:
» DivShare Uploader 1.1 (DivShare_Uploader_-_V_1.1.zip)
To upgrade from version 1.0, simply unzip this file and overwrite the two PHP files — dashboard.php and divshare_upload.php — in the directory where your plugin is located. If you need any additional help, drop us an e-mail at support@divshare.com. In regards to the security issue, we won’t go into too much detail because we don’t want to make things easier for any potential bad guys, but we can say that the hole is completely closed (regardless of your plugin version) and we have no reason to believe that anyone’s account was accessed without authorization. No passwords have been jeopardized, either.
You’ll also notice an added layer of security — if you’re not already logged in when you start using the plugin, you’ll be prompted to do so. This is just one more way to help us verify that you and only you can view the dashboard feed that gets sent to your plugin. All in all, we don’t believe that this problem was widespread or that anyone malicious was aware of it before we were. Drop us an e-mail if you have any questions, and stay tuned for more big updates this week.
June 6th, 2007 at 3:53 am
How about a perpetual “Feedback and New Feature Suggestions” thread in the Blog - a thread that is not relegated to the month-by-month archive, but simply always stays visible (well the link to it stays visible that is).
I never know where to post suggestions (such as below) under the current Blog design.
—————————————————————————————————
Thought I would just outline what (in my personal opinion!) would comprise a really complete service - the service everyone hankers after.
We all need a “home” on the web for all our files, for the following purposes -
1) Backup.
2) Storage - for all those files which are not strictly computer backup since they are housed on a motley selection of old cd’s, dvd’s, flash media etc.
3) Synching of vital folders between several different computers.
4) All the clever things divShare enables one to do with files.
Services such as Carbonite satisfy item 1 (i.e Backup) - but ONLY item 1 - in an elegant fashion, totally automatically. So once all one’s files are at Carbonite they are totally useless except in that (vary rare) circumstance that one’s computer dies. Items 2, 3 and 4 are not catered for at all.
I had hoped that divShare would become that all-encompassing “home” for one’s files - for all needs. It is absurd, even with broadband, to have to try and duplicate uploading of a large proportion of one’s files to different places for different purposes. Duplication uses too much recources - computer use, internet bandwidth, personal time and effort!!!
It would have to be automatic to be really effective - i.e. the initial backup of all selected folders (with their sub-folders) on one’s computer to divShare. Then all one’s files would be instantly available for all those clever divShare uses. Obviously item 2 (storage of files from other media) would be a manually dealt with upload. Item 3 (synch between computers for vital folders) should be automatic or semi-automatic too.
Oh yes - one over-riding thing - it must be FAST!
Let’s hope.
June 7th, 2007 at 9:03 am
Here’s another suggestion specifically about the Divshare Uploader Wordpress Plugin –
It would be nice to the select the photos which we want to upload and insert within our Wordpress post page — AND have them auto-inserted into the blog post automatically vs. uploading, clicking on the link to insert the images, selecting again on each image to manually insert the files we just uploaded.
For the vast majority of files upoaded within the post page using the divshare uploader plugin feature — you should be safe to assume that the user wants those images inserted into the blog post they are currently composing — so saving those extra steps would be very helpful and lend itself to more usage of the divshare plugin.
Thanks for listening!
June 10th, 2007 at 10:12 pm
[…] Update: Download Version 1.1 (zip) […]
October 12th, 2007 at 11:44 am
Does this plugin work with WP 2.3? I seem to be having some problems uploading with it. Every time I try to upload the bar doesn’t move and it just says the following:
“Uploading: 0 of 0 KB
0 KB/S — 0 seconds left”
Is there something wrong with the plugin?
October 25th, 2007 at 10:02 am
I have the same problem and when I’m on the “Mi Files” section only I can see This message -Sorry for the delay.
Looks like the “My Files” feed didn’t return the proper data.
This can usually be solved by simply refreshing the page.- And it does nothing
November 13th, 2007 at 7:51 am
Several problems:
1. Downloaded 1.1 but Wordpress says it is still 1.0.
2. Having the same problem as Jonathan Bailey uploading.
3. Having the same problem as Arturo Perez trying to see “My files”
Basically, everything is broken. I hope this is fixed soon! Seems like it could be a useful tool…
January 17th, 2008 at 11:06 pm
[…] All that said, forever is certainly a long time and and while such scares keep us vigilant, I wouldn’t mind seeing DivShare stabilize bit, particularly because they have such a nice WP Plugin that integrates so beautifully with WPMu 1.3. […]
February 28th, 2008 at 10:15 am
[…] What’s so cool about this? Well, it means that you can have free and easy file storage, direct links to those files, and can embed those files anywhere. Podcasting, Videocasting, or even temporary storage - all possible and easy. There is even a Wordpress plugin to seamlessly integegrate Divshare uploading into your Wordpress dashboard. Get your free account today! […]