The New Oil<p><a href="https://mastodon.thenewoil.org/tags/WordPress" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>WordPress</span></a> security plugin <a href="https://mastodon.thenewoil.org/tags/WPGhost" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>WPGhost</span></a> vulnerable to remote code execution bug</p><p><a href="https://www.bleepingcomputer.com/news/security/wordpress-security-plugin-wp-ghost-vulnerable-to-remote-code-execution-bug/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">bleepingcomputer.com/news/secu</span><span class="invisible">rity/wordpress-security-plugin-wp-ghost-vulnerable-to-remote-code-execution-bug/</span></a></p><p><a href="https://mastodon.thenewoil.org/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybersecurity</span></a></p>
Recent searches
No recent searches
Search options
Only available when logged in.
pawb.fun is one of the many independent Mastodon servers you can use to participate in the fediverse.
This instance aimed at any and all within the furry fandom, though anyone is welcome! We're friendly towards members of the LGBTQ+ community and aiming to offer a safe space for our users.
Administered by:
Server stats:
297active users
pawb.fun: About · Status · Profiles directory · Privacy policy
Mastodon: About · Get the app · Keyboard shortcuts · View source code · v4.3.6+glitch
#wordpress
15 posts · 15 participants · 1 post today
The New Oil<p><a href="https://mastodon.thenewoil.org/tags/Malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Malware</span></a> campaign '<a href="https://mastodon.thenewoil.org/tags/DollyWay" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DollyWay</span></a>' breached 20,000 <a href="https://mastodon.thenewoil.org/tags/WordPress" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>WordPress</span></a> sites</p><p><a href="https://www.bleepingcomputer.com/news/security/malware-campaign-dollyway-breached-20-000-wordpress-sites/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">bleepingcomputer.com/news/secu</span><span class="invisible">rity/malware-campaign-dollyway-breached-20-000-wordpress-sites/</span></a></p><p><a href="https://mastodon.thenewoil.org/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybersecurity</span></a></p>
Tim Chambers<p>Free idea: <a href="https://indieweb.social/tags/Ghost" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Ghost</span></a> and <a href="https://indieweb.social/tags/WordPress" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>WordPress</span></a> blog posts that federate out should in the publishing UX suggest that authors add the optional hashtag <a href="https://indieweb.social/tags/Fediblog" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Fediblog</span></a> to the post. Not mandatory, just a nudge. </p><p>Would greatly help with the discovery of cool blogs to follow here. cc: <span class="h-card" translate="no"><a href="https://mastodon.social/@pfefferle" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>pfefferle</span></a></span> <span class="h-card" translate="no"><a href="https://john.onolan.org/" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>index</span></a></span></p><p>cc: </p><p><a href="https://caneandable.social/@WeirdWriter/114197062951945178" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">caneandable.social/@WeirdWrite</span><span class="invisible">r/114197062951945178</span></a></p>
Matthias Pfefferle<p>I am just back from an awesome <a href="https://mastodon.social/tags/hackathon" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>hackathon</span></a> at the <a href="https://mastodon.social/tags/cloudfest" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cloudfest</span></a> </p><p>We had three days to work on Federated (<a href="https://mastodon.social/tags/WordPress" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>WordPress</span></a>) Events, you can find our results on that lovely page: <a href="https://fedivents.blog/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">fedivents.blog/</span><span class="invisible"></span></a></p><p>Thanks especially to <span class="h-card" translate="no"><a href="https://graz.social/@linos" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>linos</span></a></span> for his awesome work with the Event Bridge: <a href="https://wordpress.org/plugins/event-bridge-for-activitypub/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">wordpress.org/plugins/event-br</span><span class="invisible">idge-for-activitypub/</span></a></p><p>...and to <span class="h-card" translate="no"><a href="https://phpc.social/@heiglandreas" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>heiglandreas</span></a></span> for pitching and leading the project!</p><p><a href="https://mastodon.social/tags/ActivityPub" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ActivityPub</span></a> <a href="https://mastodon.social/tags/Fediverse" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Fediverse</span></a> </p><p><span class="h-card" translate="no"><a href="https://mastodon.xyz/@johnonolan" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>johnonolan</span></a></span> the team came up with the puppies without any knowledge of your newsletter, so this must be really a thing!</p>
Matthias Pfefferle<p>we just released version 5.5.0 of the <a href="https://mastodon.social/tags/WordPress" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>WordPress</span></a> <a href="https://mastodon.social/tags/ActivityPub" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ActivityPub</span></a> plugin <a href="https://github.com/Automattic/wordpress-activitypub/releases/tag/5.5.0" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/Automattic/wordpres</span><span class="invisible">s-activitypub/releases/tag/5.5.0</span></a></p>
Konstantin Obenland’s :yikes:<p>ActivityPub 5.5.0 for WordPress is here! 🚀 </p><p>This update brings a ton of improvements, including a first step toward supporting Moves from Mastodon to WordPress—big things ahead! </p><p><a href="https://mastodon.social/tags/WordPress" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>WordPress</span></a> <a href="https://mastodon.social/tags/ActivityPub" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ActivityPub</span></a> </p><p><a href="https://wordpress.org/plugins/activitypub/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">wordpress.org/plugins/activity</span><span class="invisible">pub/</span></a></p>
David Bisset<p>"Free software does not exist"</p><p><a href="https://progressplanner.com/free-software-does-not-exist/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">progressplanner.com/free-softw</span><span class="invisible">are-does-not-exist/</span></a></p><p>"The end result may be available at no cost, but it requires time, money and, above all, energy to get there.... And to keep the free software available, those people will need to stay motivated."</p><p><span class="h-card" translate="no"><a href="https://joost.net/@joost" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>joost</span></a></span> </p><p><a href="https://phpc.social/tags/opensource" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>opensource</span></a> <a href="https://phpc.social/tags/WordPress" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>WordPress</span></a></p>
Sir Rochard 'Dock' Bunson<p>I have a <a href="https://universeodon.com/tags/Wordpress" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Wordpress</span></a> from 2 years ago with 1 post that I forgot about? <br>:blobcatthink: <br>That tracks. 😅</p>
Bill<p>Almost 8000 reported exploitable bugs reported in WordPress last year. How many were unreported?</p><p><a href="https://patchstack.com/whitepaper/state-of-wordpress-security-in-2025/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">patchstack.com/whitepaper/stat</span><span class="invisible">e-of-wordpress-security-in-2025/</span></a></p><p><a href="https://infosec.exchange/tags/wordpress" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>wordpress</span></a> <a href="https://infosec.exchange/tags/vulnerability" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>vulnerability</span></a></p>
Karsten Schmidt<p><a href="https://mastodon.thi.ng/tags/WordPress" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>WordPress</span></a> security is such a bane & nuisance, even for people who aren't even using it. In the past 24h I've been bombarded again with dozens of WP login spam emails, and my (static) sites had >4600 requests obviously scanning for all sorts of WP-related files & vulnerabilities...</p><p>Second to that is another group of scans (~1080) looking for mistakenly uploaded credential files in `.aws/*`, `.env.*`, `.ssh/*` etc.</p><p>😡😤</p>
a pup of coffee :v_agender: :bowie: ☕<p><a href="https://tech.lgbt/tags/WordPress" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>WordPress</span></a> really doesn't like you making custom blocks without using build tools. I just want to write vanilla JS!</p>
OTX Bot<p>Credit Card Skimmer and Backdoor on WordPress E-commerce Site</p><p>A sophisticated malware attack targeting WordPress WooCommerce sites was discovered, involving multiple components: a credit card skimmer, a hidden backdoor file manager, and a reconnaissance script. The attack focused on financial gain and long-term control. The skimmer, injected into the checkout page, collected payment and billing information, sending it to a malicious server. A PHP backdoor allowed remote system command execution, while a reconnaissance script gathered server information. The attack demonstrates the evolving complexity of e-commerce platform threats, emphasizing the need for strict security measures, regular scans, proper access controls, and timely updates to prevent such exploits.</p><p>Pulse ID: 67d52aad906732f7bad24dfa<br>Pulse Link: <a href="https://otx.alienvault.com/pulse/67d52aad906732f7bad24dfa" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">otx.alienvault.com/pulse/67d52</span><span class="invisible">aad906732f7bad24dfa</span></a> <br>Pulse Author: AlienVault<br>Created: 2025-03-15 07:22:21</p><p>Be advised, this data is unverified and should be considered preliminary. Always do further verification.</p><p><a href="https://social.raytec.co/tags/BackDoor" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>BackDoor</span></a> <a href="https://social.raytec.co/tags/CreditCard" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CreditCard</span></a> <a href="https://social.raytec.co/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CyberSecurity</span></a> <a href="https://social.raytec.co/tags/InfoSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>InfoSec</span></a> <a href="https://social.raytec.co/tags/Malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Malware</span></a> <a href="https://social.raytec.co/tags/OTX" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OTX</span></a> <a href="https://social.raytec.co/tags/OpenThreatExchange" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenThreatExchange</span></a> <a href="https://social.raytec.co/tags/PHP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>PHP</span></a> <a href="https://social.raytec.co/tags/RAT" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>RAT</span></a> <a href="https://social.raytec.co/tags/RCE" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>RCE</span></a> <a href="https://social.raytec.co/tags/RDP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>RDP</span></a> <a href="https://social.raytec.co/tags/Word" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Word</span></a> <a href="https://social.raytec.co/tags/Wordpress" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Wordpress</span></a> <a href="https://social.raytec.co/tags/bot" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>bot</span></a> <a href="https://social.raytec.co/tags/AlienVault" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AlienVault</span></a></p>
TheZeldaZone👑🏳️⚧️🎮🎀<p>Anyone know <a href="https://mastodon.social/tags/Torrents" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Torrents</span></a> better than me? I am trying to share my <a href="https://mastodon.social/tags/streaming" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>streaming</span></a> vods and other videos on Torrent because, well, too big to put them anywhere else but corpo sites. </p><p>I put up one on Internet Archive and tried self-seeding it for a test and...yeah nobody can find my seed even tried downloading it myself on a different PC. No clue. </p><p>Found a Torrent plugin for <a href="https://mastodon.social/tags/wordpress" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>wordpress</span></a> but it kinda sucks. I just need a tracker and ideally a non-hideous way to share it online</p>
Vary, el del sombrero, en NeoPaquita 🍉🐀🦩🔻<p>Sigo sin poder usar las app de <a href="https://neopaquita.es/tags/mastodon" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>mastodon</span></a> para controlar e interactuar desde <span class="h-card" translate="no"><a href="https://alvarobayon.com/@curiosabiologia" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>curiosabiologia</span></a></span>. El sitio alvarobayon.com está en <a href="https://neopaquita.es/tags/wordpress" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>wordpress</span></a>, tiene activado el plugin <a href="https://neopaquita.es/tags/activityPub" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>activityPub</span></a> y he instalado el “enable mastodon app” (EMA)</p><p>Esta semana he intentado cacharrear un poco más, desactivando todos los plugin salvo los dos necesarios. Y nada. </p><p>¿Alguien tiene alguna idea antes de intentar preguntar en el foro del EMA?</p>
ResearchBuzz: Firehose<p>Search Engine Journal: Mullenweg Considers Delaying WordPress Releases Through 2027. “A leaked WordPress Slack chat shows that Matt Mullenweg is considering limiting future WordPress releases to just one per year from now through 2027 and insists that the only way to get Automattic to contribute more is to pressure WP Engine to drop their lawsuit. One WordPress developer who read that message […]</p><p><a href="https://rbfirehose.com/2025/03/14/search-engine-journal-mullenweg-considers-delaying-wordpress-releases-through-2027/" class="" rel="nofollow noopener noreferrer" target="_blank">https://rbfirehose.com/2025/03/14/search-engine-journal-mullenweg-considers-delaying-wordpress-releases-through-2027/</a></p>
Elizabeth Tai | 戴秀铃 🇲🇾<p>A lot of times the <a href="https://hachyderm.io/tags/DigitalGarden" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DigitalGarden</span></a> scene seems dominated by developers. People who exist in in-between places like me feel a bit frustrated that the tools used - the static site generators - are so unfriendly to non-developer minds.<br>So, I'm glad that there are some folks who are building digital gardens on <a href="https://hachyderm.io/tags/wordpress" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>wordpress</span></a>.<br>I have plans to use <a href="https://hachyderm.io/tags/Obsidian" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Obsidian</span></a> and a plugin - probably either Quartz, Eveloppe or digital garden - to generate my static site one day, but this is a good workaround while I plan the possibly very complicated transition.<br>I did think about using <a href="https://hachyderm.io/tags/Astro" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Astro</span></a> but the mechanics of it seem so frightening lol</p><p>cc <span class="h-card" translate="no"><a href="https://mastodon.social/@jenxi" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>jenxi</span></a></span> I know you did it successfully, but I doubt I'd be able to execute half of what you did!</p><p><a href="https://cagrimmett.com/2023/11/09/notes-on-making-a-digital-garden-with-wordpress/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">cagrimmett.com/2023/11/09/note</span><span class="invisible">s-on-making-a-digital-garden-with-wordpress/</span></a></p>
Elizabeth Tai | 戴秀铃 🇲🇾<p>WP.com's Query block is seriously the most unintiutive piece of UI ever. Even after reading the documentation I'm scratching my head lol.</p><p><a href="https://wordpress.com/support/wordpress-editor/blocks/query-loop-block/content/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">wordpress.com/support/wordpres</span><span class="invisible">s-editor/blocks/query-loop-block/content/</span></a></p><p><a href="https://hachyderm.io/tags/Wordpress" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Wordpress</span></a> <a href="https://hachyderm.io/tags/blogging" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>blogging</span></a></p>
Darnell Clayton :verified:<p>If this is true then only <span class="h-card" translate="no"><a href="https://threads.net/@wordpressdotcom/" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>wordpressdotcom</span></a></span> would receive updates while the rest of the <a href="https://one.darnell.one/tags/WordPress" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>WordPress</span></a> community withers. </p><p>👉🏾 <span class="h-card" translate="no"><a href="https://mastodon.social/@photomatt" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>photomatt</span></a></span> Considers Delaying WordPress Releases Through 2027 <a href="https://www.searchenginejournal.com/mullenweg-considers-delaying-wordpress-releases-through-2027/541821/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">searchenginejournal.com/mullen</span><span class="invisible">weg-considers-delaying-wordpress-releases-through-2027/541821/</span></a></p><p>I am not a lawyer or time traveler, but from Matt’s odd statements, it appears that <a href="https://one.darnell.one/tags/WPEngine" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>WPEngine</span></a> may actually win their lawsuit against <a href="https://one.darnell.one/tags/Automattic" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Automattic</span></a>.</p><p>Matt on the other hand is “cutting off his nose to spite his face” with these measures, which is baffling honestly.</p>
Alexandre Dulaunoy<p>I find this vulnerability hilarious</p><p>« The GDPR Cookie Compliance – Cookie Banner, Cookie Consent, Cookie Notice – CCPA, DSGVO, RGPD plugin for WordPress is vulnerable to Stored Cross-Site Scripting »</p><p>Often, websites only use cookies necessary for normal operation and don’t require explicit user consent. However, some legal teams insist on having it “to be on the safe side.” Now it’s very safe indeed. ;-)</p><p>This particular vulnerability isn’t a big deal since it requires admin rights on WordPress to inject. If you’re already an admin, you can do worse things. The only advantage for attackers is that the injection spreads everywhere.</p><p><a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/gdpr" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>gdpr</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/vulnerability" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>vulnerability</span></a> <a href="https://infosec.exchange/tags/wordpress" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>wordpress</span></a> </p><p>🔗 <a href="https://vulnerability.circl.lu/vuln/CVE-2025-2205" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">vulnerability.circl.lu/vuln/CV</span><span class="invisible">E-2025-2205</span></a></p>
WordPress<p>WordPress 6.8 Beta 2 is ready for download and testing! This release includes user enhancements incorporated into the latest Gutenberg updates. Your feedback can help us make it even better at release. Ready to give it a spin? Check out the link for more info!<br><a href="https://wordpress.org/news/2025/03/wordpress-6-8-beta-2/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">wordpress.org/news/2025/03/wor</span><span class="invisible">dpress-6-8-beta-2/</span></a></p><p><a href="https://mastodon.world/tags/WordPress" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>WordPress</span></a></p>
ExploreLive feeds
Mastodon is the best way to keep up with what's happening.
Follow anyone across the fediverse and see it all in chronological order. No algorithms, ads, or clickbait in sight.
Create accountLoginDrag & drop to upload