MyEasyBackup plugin security update

WordPress plugin security fix

WordPress plugin security fix

I’m glad to inform you that the MyEasyBackup WordPress plugin security issue I reported yesterday for 0.0.2 version is fixed with 0.0.3 version. It is perfect. Wonderfully! Thanks to Ugo Grandolini aka “camaleo” for so fast reaction and reliable security update.

MyEasyBackup WordPress plugin is useful for those who wish to get blog backup copies on a regular base and doesn’t familiar with tar, gzip, mysqldump, linux shell, etc. or just doesn’t have SSH access to his/her blog. User friendly interface lets you make full blog backup really easy. So “MyEasyBackup” confirms its name by its functionality.
From the plugin user side I think with this little suggestions realized the plugin can become better:
– give to user the ability to change the default path where to store backup files; This will be useful if user wish to store different blogs backup files in the different folders.
– give to user the ability to change backup file name prefix. This will be useful if user wish to store different blogs backup files in the single folder.

Tags: , ,

  • Mmonk

    is this plugin now really safe enough to use or not?
    I read a comment here bringing up some issues. Not being a programmer myself I can't judge it. Is the .ini file accessible to others?

  • shinephp

    thanks for the question.
    After post I made about myeasybackup plugin vulnerability I email with Ugo (myeasybackup plugin author) some time and I'm sure he is a real professional. If some problem appears in his plugin it is a normal process for every new product. Author build the functionality, users and other developers test it and make feedback. Professional resolves problems ASAP as Ugo does.
    I walked through the 0.1.0 version code today and confirm that problem with myeasybackup.ini file was resolved in this version. Blog credentials needed Ugo to restore blog data from the backup copy is stored now as reliably as WordPress itself does with its own wp-config.php configuration file.
    Another issue from that aggressive wordpress support forum post: myeasybackup plugin uses a few images which are hosted at his site. Yes he can know what sites use his plugin with that. Is it bad? I think know. There are much more efficient and more hidden from the most of users ways to get that information. It is just a favour from his side, I think.