Download Blix Krieg 2.3.1 MAJOR RELEASE

November 26th, 2007

Hi everyone - I’ve today perfected the newest major release of Blix Krieg, version 2.3.1

Blix Krieg is a widgetized, Google adsense and Search Engine friendly version of Sebastian Schmieg’s original Blix theme.

Unlike the original Blix Theme, BlixKrieg is fully compatible with the newest version of Wordpress. Blix Krieg can be installed as a drop in replacement for Blix if you are having problems with your Blix Based site after upgrading Wordpress.

You can download the latest version of Blix Krieg HERE, and see the latest version at work on our Blixkrieg beta test page.

Problems that I have identified and corrected in this release include:-

Blix XSS (Cross Site Scripting) Vulnerability Corrected

XSS, or cross site scripting, is a technique that can be used by hackers to gain unauthorised access to a blog. In its most basic form, an XSS attack occurs when a hacker inserts executable code within an input form (for instance, when entering comments or doing a search) and it can be used (in the worst case scenario) to gain unauthorised access to your blog.

For the techophiles amongst you, this type of attack is described in the excellent paper by Gavin Zuchlinski, “The Anatomy of an XSS Attack“.

It recently came to my attention that this vulnerability exists in the original Blix theme, and had been inherited by Blix Krieg (and other Blix variants such as dark blix, the webble you blix theme, Blixed and Blix with adsense). In the case of blixkrieg, the extent of the vulnerability has been minor, but worth correcting nonetheless.

You can easily test for the vulnerability by typing <script>alert(’xss’);</script> into the search bar of your version of blix, and pressing ‘go!’ - if you see a pop-up, you have the vulnerability.

The good news is that I’ve now made a few substantial changes to the theme to sanitize user input and completely remove the vulnerability.

Sidebar Icons Broken After Upgrade

Some users reported that the default Blix sidebar icons were broken after an upgrade to wordpress 2.3.1. I have corrected that problem in this release.

Cheers and all the best,

Matt

Digg!

Entry Filed under: BlixKrieg Theme

If you found this page useful, consider linking to it.
Simply copy and paste the code below into your web site (Ctrl+C to copy)
It will look like this: Download Blix Krieg 2.3.1 MAJOR RELEASE

7 Comments Add your own

  • 1. David  |  January 5th, 2008 at 11:44 pm

    Your comments form is playing up.

    The form text area shrinks as you type, very strange, seems to occur after you add a certain amount of text.

  • 2. Mattz  |  January 9th, 2008 at 6:54 am

    When I make the left menu smaller I get a very strange line on the bottom of a “Post-page” with a small “d” above it.

    I can’t find it anywhere in the CSS code what could make this happen.

    Let’s say it happens when you set the #subcontent on 150px and you made the container about 750px

  • 3. max  |  February 5th, 2008 at 5:45 am

    I love this theme because I know it solid and simple. I’m about to upgrade from wp 2.0 to 2.3.2

    I see references to 2.3.1 on your blog but not 2.3.2. Should it be ok.

    Thanks,
    Max

  • 4. Robert  |  March 15th, 2008 at 2:34 pm

    I love Blix but am having trouble installing BlixKrieg. Maybe you can help.

    It’s in my themes directory in a directory named “BlixKrieg2.3.1″ (that’s how it was downloaded onto my computer). Inside the directory are another directory, named “images”; four CSS files; and 18 PHP files.

    When I choose the BlixKrieg theme, however, my blog reverts to no theme at all.

    Should the BlixKrieg directory be called “BlixKrieg-Adsense”? Is something structured wrong? What should I do to make it work?

    Thanks.

  • 5. Robert  |  March 16th, 2008 at 11:39 pm

    Solved that problem (by decompressing archives after uploading rather than before), but I also have the problem with the shrinking comment form.

  • 6. Carol Lisa  |  March 31st, 2008 at 11:00 am

    I created an “About” page in WordPress. This created two “About” buttons in the header navigation bar. One links to a 404 error page and the other links appropriately to the About page. How do I get rid of the duplicate About button? Thanks!!

  • 7. Carol Lisa  |  April 1st, 2008 at 3:41 am

    Okay, back again - has anyone solved the shrinking comment box problem? A google search seems to indicate that it happens when the blog is viewed using MSIE 7. I tried testing the BlixKrieg site using MSIE7 and the comment box shrinks on this site too. Help! (Still looking for a solution on the posting above with the two “Abouts” in the navi bar.) Thanks!

Leave a Comment

Required

Required, hidden

Some HTML allowed:
<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <code> <em> <i> <strike> <strong>

Trackback this post  |  Subscribe to the comments via RSS Feed

Featured Advertiser

Categories

Buy me a beer!

This sure is thirsty work - Here's your chance to buy me a beer :)

Links

Feeds

Posts by Month