Best WordPress Plugins – Social Media

WordPress is an incredibly flexible, easy-to-set-up and manage web publishing platform that has been downloaded more than 60 million times since its launch in 2003. As of August 2013, WordPress is used by nearly 19 percent of the top 10 million websites. The content management system’s popularity has spawned thousands – nearly 30,000 in fact – of plugins that expand the basic functionality of WordPress. At Connect4, we routinely use 45 WordPress plugins. We use some plugins, for security, admin, and SEO, for example, on nearly every site we create.

The problem with WordPress plugins is that many of them present as much trouble as they do opportunity on a website. Not all plugins play friendly in the same sandbox. And not all plugin developers continue to provide updates for their plugins. Plugins that haven’t been updated in a year make for a security risk. So make sure you consult with your webmaster or web developer prior to installing any of these plugins. It’s always a good idea to make sure you have a backup before trying out a new plugin.

Today we are going to focus on social media plugins.

Social Media

  1. Social Author Bio
  2. Social Media Feather

Social Author Bio

Social Author Bio adds a author bio box with the author’s avatar with built-in and custom social icons on pages/posts.

social-author-bio

 

Download Social Author Bio

Social Media Feather

Social Media Feather is a super lightweight and free social media WordPress plugin that allows you to quickly and painlessly add social sharing and following features to all your posts, pages and custom post types.

Now the only social sharing and bookmarking plugin with full support for the Retina and high resolution displays as used in iPad 5 and other devices!

The primary goal behind the plugin is to provide very lightweight WordPress social sharing and following that doesn’t add any unnecessary burden to your site and especially on your users.

What sets WordPress Social Media Feather aside from the plethora of other social sharing and following WordPress plugins is its focus on simplicity, performance and unobtrusive impact.

social-media-feather

 

Download Social Media Feather

Best WordPress Plugins – Search Engine Optimization

WordPress is an incredibly flexible, easy-to-set-up and manage web publishing platform that has been downloaded more than 60 million times since its launch in 2003. As of August 2013, WordPress is used by nearly 19 percent of the top 10 million websites. The content management system’s popularity has spawned thousands – nearly 30,000 in fact – of plugins that expand the basic functionality of WordPress. At Connect4, we routinely use 45 WordPress plugins. We use some plugins, for security, admin, and SEO, for example, on nearly every site we create.

The problem with WordPress plugins is that many of them present as much trouble as they do opportunity on a website. Not all plugins play friendly in the same sandbox. And not all plugin developers continue to provide updates for their plugins. Plugins that haven’t been updated in a year make for a security risk. So make sure you consult with your webmaster or web developer prior to installing any of these plugins. It’s always a good idea to make sure you have a backup before trying out a new plugin.

Today we are going to focus on search engine optimization (SEO) plugins. It’s a large category with two main plugins – WordPress SEO and All In One SEO. You can’t go wrong with either one but you should definitely use one of the two.

SEO

  1. WordPress SEO
  2. All In One SEO
  3. Google XML Sitemaps for Videos
  4. Broken Link Checker
  5. Redirection
  6. SEO Friendly Images
  7. SEO Smart Links

WordPress SEO

Out of the box WordPress out of the box is already a good platform for Search Engine Optimization. However, this doesn’t mean you can’t improve it further. The WordPress SEO plugin is written from the ground up by Joost de Valk and his team at Yoast to improve your site’s SEO on all needed aspects. While this WordPress SEO plugin goes the extra mile to take care of all the technical optimization, it first and foremost helps you write better content. WordPress SEO forces you to choose a focus keyword when you’re writing your articles, and then makes sure you use that focus keyword everywhere.

 

Download WordPress SEO by Yoast

All In One SEO

All In One SEO is like the little kid next door to WordPress SEO. If you want to improve upon the basic SEO settings of a clean WordPress site but don’t have time to optimize each page of content, All in One SEO Pack will automatically optimize it for you.

 

Download All In One SEO

Google XML Sitemaps for Videos

Sitemaps are a way to tell Google, Bing and other search engines about web pages, images and video content on your site that they may otherwise not discover.

The Video Sitemap plugin will generate an XML Sitemap for your WordPress blog using all YouTube videos that you may have embedded in your blog posts.

Download Google XML Sitemaps for Videos

Broken Link Checker

Broken Link Checker monitors your website for broken links and lets you know if any are found.

Features

  • Monitors links in your posts, pages, comments, the blogroll, and custom fields (optional).
  • Detects links that don’t work, missing images and redirects.
  • Notifies you either via the Dashboard or by email.
  • Makes broken links display differently in posts (optional).
  • Prevents search engines from following broken links (optional).
  • You can search and filter links by URL, anchor text and so on.
  • Links can be edited directly from the plugin’s page, without manually updating each post.
  • Highly configurable.

Download Broken Link Checker

Redirection

Redirection is a WordPress plugin that manages 301 redirections, keeps track of 404 errors, and generally cleans up any loose ends your site may have. This is particularly useful if you are migrating pages from an old website, or are changing the directory of your WordPress installation.

New features include:

  • 404 error monitoring – captures a log of 404 errors and allows you to easily map these to 301 redirects
  • Custom ‘pass-through’ redirections allowing you to pass a URL through to another page, file, or website.
  • Full logs for all redirected URLs
  • All URLs can be redirected, not just ones that don’t exist
  • Redirection methods – redirect based upon login status, redirect to random pages, redirect based upon the referrer!

Existing features include:

  • Automatically add a 301 redirection when a post’s URL changes
  • Manually add 301, 302, and 307 redirections for a WordPress post, or for any other file
  • Full regular expression support
  • Apache .htaccess is not required – works entirely inside WordPress
  • Redirect index.php, index.html, and index.htm access
  • Redirection statistics telling you how many times a redirection has occurred, when it last happened, who tried to do it, and where they found your URL
  • Fully localized

Download Redirection

SEO Friendly Images

SEO Friendly Images is a WordPress SEO plugin which automatically updates all images with proper ALT and TITLE attributes for SEO purposes. If your images do not have ALT and TITLE already set, SEO Friendly Images will add them according to the options you set. Additionally this makes the post W3C/xHTML valid as well.

The ALT attribute is important part of search engine optimization. It describes your images to search engine and when a user searches for a certain image this is a key determining factor for a match.

The TITLE attribute plays a lesser role but is still important for visitors as this text will automatically appear in the tooltip when mouse is over the image.

 

Download SEO Friendly Images

SEO Smart Links

SEO Smart Links provides automatic SEO benefits for your site in addition to custom keyword lists, nofollow and much more.

SEO Smart Links can automatically link keywords and phrases in your posts and comments with corresponding posts, pages, categories and tags on your blog.

Further SEO Smart links allows you to set up your own keywords and set of matching URLs. Finally SEO Smart links allows you to set nofollow attribute and open links in new window.

Download SEO Smart Links

Best WordPress Plugins – Comments, Contact Forms & Forums

WordPress is an incredibly flexible, easy-to-set-up and manage web publishing platform that has been downloaded more than 60 million times since its launch in 2003. As of August 2013, WordPress is used by nearly 19 percent of the top 10 million websites. The content management system’s popularity has spawned thousands – nearly 30,000 in fact – of plugins that expand the basic functionality of WordPress. At Connect4, we routinely use 45 WordPress plugins. We use some plugins, for security, admin, and SEO, for example, on nearly every site we create.

The problem with WordPress plugins is that many of them present as much trouble as they do opportunity on a website. Not all plugins play friendly in the same sandbox. And not all plugin developers continue to provide updates for their plugins. Plugins that haven’t been updated in a year make for a security risk. So make sure you consult with your webmaster or web developer prior to installing any of these plugins. It’s always a good idea to make sure you have a backup before trying out a new plugin.

Today we are going to talk about plugins that control comments, contact forms, and forums for WordPress.

Comments, Contact Forms & Forums

  1. Contact Form 7
  2. Thank Me Later
  3. Discuss Comment System

Contact Form 7

Contact Form 7 is the most widely used wordpress contact form because it is easy to use, extremely flexible, and free. Contact Form 7 can manage multiple contact forms, plus you can customize the form and the mail contents flexibly with simple markup. The form supports Ajax-powered submitting, CAPTCHA, Akismet spam filtering and so on.

contactform7

Download Contact Form 7

Thank Me Later

Have you ever posted a comment on a blog, or provided your email to a site and then received an email a few seconds after doing so?  You automatically think, “Well either that’s the most obsessive blog admin on the web, or this is an auto-generated email.”  Well, with Thank Me Later, you can make your ‘Thank you,’ emails far more personal through the ability to customize certain fields, and the best part… you can tell it to send hours after you the signup.  The beauty of this is the fact that it provides a much more personal touch to the emails that are programmed to be sent to new commenters and visitors. Thank Me Later sends ‘thank you’ emails to your commenters. Simply write a message saying thanks and it will be emailed after a time of your choice — 5 minutes, a day, a month, whenever!

thank me later

Download Thank Me Later

 

Disqus Comment System

Disqus, pronounced “discuss”, is a service and tool for web comments and discussions. Disqus makes commenting easier and more interactive, while connecting websites and commenters across a thriving discussion community.

Download Disqus Comment System

 

Best WordPress Plugins – Gallery & Portfolio

WordPress is an incredibly flexible, easy-to-set-up and manage web publishing platform that has been downloaded more than 60 million times since its launch in 2003. As of August 2013, WordPress is used by nearly 19 percent of the top 10 million websites. The content management system’s popularity has spawned thousands – nearly 30,000 in fact – of plugins that expand the basic functionality of WordPress. At Connect4, we routinely use 45 WordPress plugins. We use some plugins, for security, admin, and SEO, for example, on nearly every site we create.

The problem with WordPress plugins is that many of them present as much trouble as they do opportunity on a website. Not all plugins play friendly in the same sandbox. And not all plugin developers continue to provide updates for their plugins. Plugins that haven’t been updated in a year make for a security risk. So make sure you consult with your webmaster or web developer prior to installing any of these plugins. It’s always a good idea to make sure you have a backup before trying out a new plugin.

Today we take a look at the best wordpress plugins – gallery and portfolio.

Gallery & Portfolio

Awesome Gallery 

Awesome-Gallery

  • Top priority – easy to use admin interface. No tech skills and rocket science required, just follow step by step instructions.
  • 3 layout modes – horizontal flow, vertical flow and classic grid. You can read more about them below.
  • 7 image sources. All most popular services included and counting
  • 10 style presets
  • Custom styling support
  • Load more / Infinite scroll support + easily handles hundreds of images.
  • Built-in lightbox
  • Unique builtin support
  • Responsive and Retina-ready

Next Gen Gallery

NextGEN-Gallery

 

The Next Gen gallery is the most-used wordpress gallery. It is very common because it’s easy to use and offers the following features:

  • Centralized gallery management. Enjoy a single location where you can see and manage all your galleries.
  • Edit galleries. Add or exclude images, change gallery title and description, reorder of images, resize thumbnails.
  • Thumbnail Management. Turn thumbnail cropping on off, customize how individual thumbnails are cropped, and bulk resize thumbnails across one more galleries.
  • Edit Individual Images. Edit meta data and image tags, rotate images, exclude images.
  • Watermarks. Quickly add watermarks to batches or galleries of images.
  • Albums. Create and organize collections of galleries (“albums”), and display them in either compact or extended format.

Tumblr Photoset Grid/Masonry Gallery for WordPress

Tumblr-Photoset-Grid-Masonry-Gallery-for-WordPress

  • Support batch upload, and convert the large image to small thumbnail via PHP automatically, help you to add a gallery in a minute, keep the gallery load fast too.
  • Live preview in the backend, what you see is what you get.
  • Flexibility layout, you can customize each row image number just via a number sequence.
  • Responsive, works fine in the small screen device (like iPhone, iPad) too.
  • You can drag the thumbnail to re-order the item easily in the backend.
  • Optional padding between each image.
  • Optional lightbox or image link.
  • Optional slideshow and slideshow delay.
  • Multiple and unlimited photoset instance on same page.
  • Compatible with latest jQuery and latest WordPress.
  • Enqueue the js and css only when needed. Keep WordPress page size smaller.
  • You can add/edit the chart without touching the code. Customize/update the image with WordPress backend.
  • FAQ and source code are included in the package. Free update in the future.

 GO – Responsive Portfolio for WP

go-portfolio

 

This is our favorite new responsive portfolio/gallery option for WordPress sites.

  • 4 default styles (FLEXDOORVARIODELUX).
  • Reponsive grid layout or horizontally slider layout (up to 10 columns).
  • Flexible, percent based grid system with customizable vertical and horizontal spaces.
  • Optional responsivity with custom settings.
  • Huge Admin Panel with tons of options.
  • Unlimited portfolios.
  • Unlimited custom post types.
  • Works with your existing custom post types and regular blog posts.
  • WooCommerce support – Product showcase.
  • Advanced post query options to show posts, setting the limit and order of the posts, filtering by taxonomies and terms.
  • Different thumbnail and lightbox types:
    • Image (JPG, PNG, GIF)
    • Video (Vimeo, Youtube, Screenr, Dailymotion, Metacafe)
    • Audio (Soundcloud, Mixcloud, Beatport)
  • Thumbnail and lightbox image size selecting options using your existing images.
  • Thumbnail aspect ratio settings option to use the their default aspect ratio or a custom one.
  • Built-in Template & Style editor with adding, editing, importing options.
  • System and Google Web Font (600+ fonts) support.
  • Translation ready with .mo .po files.
  • Advanced Import & Export settings.
  • Supports all modern browsers (including IE8).

Best WordPress Plugins 2014 – Admin, Backup & Security

WordPress is an incredibly flexible, easy-to-set-up and manage web publishing platform that has been downloaded more than 60 million times since its launch in 2003. As of August 2013, WordPress is used by nearly 19 percent of the top 10 million websites. The content management system’s popularity has spawned thousands – nearly 30,000 in fact – of plugins that expand the basic functionality of WordPress. At Connect4, we routinely use 45 WordPress plugins. We use some plugins, for security, admin, and SEO, for example, on nearly every site we create.

The problem with WordPress plugins is that many of them present as much trouble as they do opportunity on a website. Not all plugins play friendly in the same sandbox. And not all plugin developers continue to provide updates for their plugins. Plugins that haven’t been updated in a year make for a security risk. So make sure you consult with your webmaster or web developer prior to installing any of these plugins. It’s always a good idea to make sure you have a backup before trying out a new plugin.

Today we are going to talk about plugins that control the WordPress backend. These are critical plugins that nearly every site should have.

Admin, Backup & Security

  1. Akismet
  2. Wordfence Security
  3. VaultPress
  4. Google Analytics Dashboard for WP
  5. GZip Ninja Speed Compression
  6. Members
  7. Velvet Blues Update URLs
  8. W3 Total Cache
  9. Adminimize
  10. Page Comments Off Please
  11. Yith Maintenance Mode

Akismet

Akismet checks your comments against the Akismet web service to see if they look like spam or not and lets you review the spam it catches under your blog’s “Comments” admin screen. You’ll need an Akismet.com API key to use it. Keys are free for personal blogs, with paid subscriptions available for businesses and commercial sites.

Download Akismet

Wordfence Security

Wordfence Security plugin

Wordfence Security is a free enterprise class security plugin that includes a firewall, anti-virus scanning, cellphone sign-in (two factor authentication), malicious URL scanning and live traffic including crawlers. Wordfence is the only WordPress security plugin that can verify and repair your core, theme and plugin files, even if you don’t have backups.

Download Wordfence Security

 

VaultPress

VaultPress is a real-time backup and security scanning service designed and built by Automattic, the same company that operates 25+ million sites on WordPress.com.

The VaultPress plugin provides the required functionality to backup and synchronize every post, comment, media file, revision and dashboard settings on our servers. To start safeguarding your site, you need to sign up for a VaultPress subscription.

Download VaultPress

Google Analytics Dashboard for WP

Google Analytics Dashboard for WP  is a plugin that will display Google Analytics statistics on your website backend. Analytics data, like number of visits, provided through Google API, is integrated into a simple widget on your WordPress Administration Dashboard.

Using a widget, Google Analytics Dashboard displays detailed analytics info and statistics about: number of visits, number of visitors, bounce rates, organic searches, pages per visit directly on your Admin Dashboard.

Authorized users can also view statistics like Views, UniqueViews and top searches, on frontend, at the end of each article.

Download Google Analytics Dashboard

GZip Ninja Speed Compression

Have you been told that your website is slow? Try this very simple plugin that allows you to quickly compress and GZip your site. Only Works On Apache Servers (almost all WordPress installs are on Apache Servers). This will give you the ability to increase your speed and possibly even your rank in Google from a speed increase.

Download GZIP Ninja Speed Compression

Members

Members is a plugin that extends your control over your blog. It’s a user, role, and content management plugin that was created to make WordPress a more powerful content management system.

The foundation of the plugin is its extensive role and capability management system. This is the backbone of all the current features and planned future features.

Plugin Features:

  • Role Manager: Allows you to edit, create, and delete roles as well as capabilities for these roles.
  • Content Permissions: Gives you control over which users (by role) have access to post content.
  • Shortcodes: Shortcodes to control who has access to content.
  • Widgets: A login form widget and users widget to show in your theme’s sidebars.
  • Private Site: You can make your site and its feed completely private if you want.

Download Members

Velvet Blues Update URLs

This is one of those plugins that you might use very rarely, but is still unbelievably valuable.

If you move your WordPress website to a new domain name, you will find that internal links to pages and references to images are not updated. Instead, these links and references will point to your old domain name. This plugin fixes that problem by helping you change old urls and links in your website.

Features:

  • Users can choose to update links embedded in content, excerpts, or custom fields
  • Users can choose whether to update links for attachments
  • View how many items were updated

 

 

 

 

 

 

 

 

 

 

 

 

 

Download Velvet Blues Update URLs

W3 Total Cache

There are quite a few caching plugins out there. W3 Total Cache is recommended by web hosts like: Page.ly, Synthesis, DreamHost, MediaTemple, GoDaddy, HostGator and countless more.

Trusted by countless companies like: AT&T, stevesouders.com, mattcutts.com, mashable.com, smashingmagazine.com, makeuseof.com, yoast.com, kiss925.com, pearsonified.com, lockergnome.com, johnchow.com, ilovetypography.com, webdesignerdepot.com, css-tricks.com and tens of thousands of others.

W3 Total Cache improves the user experience of your site by increasing server performance, reducing the download times and providing transparent content delivery network (CDN) integration.

Download W3 Total Cache

Adminimize

This is a great plugin. As WordPress becomes a more complex content management system (particularly once you install all of these plugins), the dashboard gets cluttered. Not all of your users need to access to all of the backend features. Adminimize visually compresses the administrative header so that more admin page content can be initially seen. The plugin also moves ‘Dashboard’ onto the main administrative menu because having it sit in the tip-top black bar was ticking me off and many other changes in the edit-area. Adminimize is a WordPress plugin that lets you hide ‘unnecessary’ items from the WordPress administration menu, submenu and even the ‘Dashboard’, with forwarding to the Manage-page.

Download Adminimize

Page Comments Off Please

This is another great simple plugin for anyone using WordPress as a content management system. You can manage page and post comments (and their defaults) separately.

Download Page Comments Off Please

Yith Maintenance Mode

If you’re working on your website and would like to make it known to your visitors, install the plugin YITH Maintenance Mode to quickly set a lovely customizable page to let your visitors know the site is closed for maintenance.

Download Yith Maintenance Mode

How to Improve the WordPress Admin User Interface

Initially WordPress was just for blogs. But now WordPress commands roughly half of the website content management market, taking over market share from Joomla and Drupal and other content management systems. This is mainly because WordPress is so easy to use and administer. The one drawback – and a significant reason why many still use Joomla – is the admin user interface. The admin area is the heart of any WordPress-powered site – it’s where everything is controlled – posts, pages, media, comments, etc. – A site with more than 10 pages and galleries can be difficult to manage in WordPress. Difficult, that is, without adding some of the following plugins. Plugins allow you to customize only what you need.

For example, suppose you have someone on your staff composing blogs for you. The out-of-the-box WordPress admin interface does not have a robust feature for editorial control and review.

Today, we will introduce you to a number of fantastic plugins that will enhance your WordPress website in some way. These admin plugins are all free to download from the official WordPress plugin directory and will help protect your website, give you more control over users or automate the editorial process. As always, we recommend that you consult with your website administrator prior to installing any new plugins since they can occasionally conflict with each other and break your website.

Post Scheduling & Management

1. Editorial Calendar

This is the perfect plugin for managing the scheduling of your posts. Editorial Calendar adds a calendar page to the post section of your admin area. Each day shows the posts that are scheduled for that day. Multiple posts are listed in chronological order.

Watch the Video to learn more

Editorial Calendar: Download

2. Peter’s Collaboration Emails

This is a great plugin for managing the editorial flow of blog posts. When a contributor submits a post for review, the plugin emails the specified users to let them know there is a post to review. Once the post is approved, the contributor gets an email letting them know it has been accepted. If the post is changed back to “Draft,” the contributor is advised that it has not been accepted and is sent a link to edit the article.

Peter’s Collaboration Emails: Download

3. Peter’s Post Notes

On its own, this plugin adds a panel to the sidebar of the add and edit post / page screens so that users can add notes for themselves or others and keep track of these notes. Whenever you save a post, you can type a note to be displayed along with the post in the edit view. When used with Peter’s Collaboration E-mails 1.2 and up, the notes are sent along with the e-mails in the collaboration workflow. There is also a general and private notes system on the dashboard.

On the dashboard, there’s also a summary of the most recent notes. By default this shows notes by all people on relevant posts / pages. There is also a general and private notes system.

peter's_post_notes

 

 

 

 

 

 

 

 

 

 

Peter’s Post Notes: Download

4. Content Audit

Content Audit lets you and your staff easily review old content and determine if it’s still relevant. The plugin works with posts, pages and media. You can automatically set content as outdated after a set period of time and notify post authors about it. Content can be marked as redundant, outdated or trivial. You can also mark content as needing a review of SEO or style.

content-audit

 

 

 

 

 

 

Content Audit: Download

5. Edit Flow

Edit Flow empowers you to collaborate with your editorial team inside WordPress. It’s feature rich and comes with a calendar, custom statuses, editorial comments, notifications, story budget, and user groups.

edit-flow

 

 

 

 

Edit Flow: Download

General Admin

6. Adminimize

This is a great plugin that let’s you hide parts of the admin dashboard that you deem “unnecessary”.  You can change back-end options; global options; dashboard options; write options for posts, pages and custom page types; link options; and menu options.

Adminimize: Download

Security

7. WordFence Security

This is an incredibly valuable plugin that is completely free. WordFence includes a firewall, anti-virus scanning, cellphone sign-in (two factor authentication), malicious URL scanning and live traffic including crawlers. Wordfence is the only WordPress security plugin that can verify and repair your core, theme and plugin files, even if you don’t have backups.

wordfence-security

WordFence Security: Download

Summary

The great thing about WordPress is that the default installation doesn’t overwhelm you with options. This allows users to choose the plugins that best meet our particular needs and disregard those that don’t.

You might find that some of these plugins can be disabled after you use them. I recommend reviewing your situation every month or so and remove any plugins that aren’t being used regularly. Also it’s a best practice to remove any plugins that have not been updated (by the plugin developer) in at least a year. Old plugins increase the chance that someone can hack into your site. Update plugins regularly and delete plugins that you don’t use.

WordFence Security Update

We are seeing exploits in the wild appear within the last week for the following WordPress themes and plugins. If you are running any of these themes or plugins, check if there is a recent security update and install the update, or remove the item from your system if there is no security update. If you’re unsure, contact the theme/plugin developer or vendor.

  • Cubed Themes version 1.0 to 1.2. Remote file upload vulnerability. Distributed by themeprofessor.com. Exploit released on 9 November 2013.
  • Army Knife Theme, unspecified version. CSRF File Upload vulnerability. Theme is distributed by freelancewp.com. Exploit released 9 November 2013.
  • Charcoal Theme. CSRF File upload vulnerability. Distributed by the official WordPress repository. The theme hasn’t been updated for several years, so we recommend deleting all files from your system.
  • WP Realty Plugin may contain an email sender vulnerability. Please contact vendor for clarification. We’re seeing exploits that claim to exploit this hole. Plugin is distributed by wprealty.org.
  • The following themes distributed by orange-themes.com appear to contain a remote file upload vulnerability and we’re seeing exploits appear in the wild, all published around November 12, 2013: Rockstar Theme, Reganto Theme, Ray of Light Theme, Radial Theme, Oxygen Theme, Bulteno Theme, Bordeaux Theme. Please contact the vendor to find out of your theme is applicable and what action to take.
  • Amplus Theme version 3.x.x contains a CSRF file upload vulnerability. We’re unclear who the vendor is, but it appears to be Themeforest.
  • Make a Statement Theme version 1.x.x (also known as MaS ) contains a CSRF file upload vulnerability. Exploit distributed November 17, 2013. Vendor is themes.mas.gambit.ph.
  • Dimension Theme, unspecified version, contains a CSRF file upload vulnerability. Theme is distributed by ThemeForest. Exploit appeared November 17th, 2013.
  • Euclid Version 1 Theme contains a CSRF File Upload Vulnerability. Exploit appeared today. Theme is distributed by FreelanceWP.com.
  • Project 10 Theme, Version 1.0. Remote file upload vulnerability. Distributed by ThemeForest. Exploit appeared today.

Please remember: Deactivating a theme or plugin with a security hole does not make it safe. You need to remove all files from your system to remove the security hole in a theme or plugin. If your theme or plugin is listed here, don’t panic. First contact your theme or plugin author or vendor. Work with them to determine if your particular version contains the vulnerability we’ve publicized and get their advice on what action to take. If they are not contactable after a reasonable amount of time, work with your hosting provider or site developer to determine if you have a vulnerability and what action to take.

Source: www.wordfence.com