Tag Archives: plugin

Get Your Reviews with the iTunes Podcast Review Manager Plugin



iTunes logo newPodcasters are always trying to get more iTunes reviews. And one good strategy for doing that is to read those reviews on your show as they come in. But the iTunes client itself doesn’t provide a good way to find and then follow up on reviews. But a new WordPress plugin called iTunes Podcast Review Manager could make the process of getting iTunes reviews a whole lot easier.

Using iTunes Podcast Review Manager is pretty straightforward. Install the plugin by using either the Add New Plugin feature in WordPress or manually downloading and uploading it. Activate the plugin and then navigate to the Podcast Reviews menu in the sidebar of the WordPress dashboard. From there, go to the Settings page and enter the iTunes Store URL of your podcast. It may take a minute for the plugin to find your first batch of reviews. Once it’s done, it’ll display those reviews in a table that can then be sorted by country, date, rating, username, title or review.

iTunes Podcast Review Manager screenshot
Screenshot of part of the iTunes Podcast Review Manager display window.

I’ve only installed and used the plugin once but it’s working well so far. There’s also a Premium tab inside of iTunes Podcast Review Manager but all it says is a premium service will be launching soon.

If you’re a WordPress user and you’re looking for an easy way to get your iTunes reviews, take a look at iTunes Podcast Review Manager. Keep in mind that free services like this have come and gone in the past. If you don’t use WordPress and/or you’d like to use an established service for collecting your podcast reviews, you should check out My Podcast Reviews.


Popular WordPress SEO Plugin Vulnerable to Injection Attacks



Yoast LogoSEO by Yoast, a popular WordPress plugin used by many podcasters was found to have a bug that left the software vulnerable to SQL injection attacks. If the exploit were executed, an attacker would be able to take over an entire WordPress installation. From the Threatpost article linked above:

Vulnerable versions of the service are susceptible to arbitrarily executed SQL queries, in part because it lacks proper cross-site request forgery protections. If the attacker were able to trick an authenticated administrator, editor or author into following a link to a malicious page, the attacker could then create an admin role for himself and totally compromise affected sites.

While it’s impossible to know how many WordPress sites are running the infected plugin, the SEO by Yoast page on the WordPress plugin directory shows that the software is currently actively installed on over one million sites. In order to fix the vulnerability on your own WordPress site, ensure that you’re running version 1.74, which is the latest version of the Yoast plugin. (If you’re running an older version of the plugin, the WordPress dashboard should notify you of an available update the next time you log in.)

And regardless of which plugins you use, it’s always important to make sure all of them (as well as your core WordPress files) are always kept up to date. It’s the best way to safeguard your site against these kinds of issues.