Pyrzout :vm:<p>WordPress Security Alert: CVE-2025-6043 Enables Remote File Deletion via Malcure Plugin <a href="https://thecyberexpress.com/malcure-vulnerability-cve-2025-6043/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">thecyberexpress.com/malcure-vu</span><span class="invisible">lnerability-cve-2025-6043/</span></a> <a href="https://social.skynetcloud.site/tags/MalcureMalwareScanner" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MalcureMalwareScanner</span></a> <a href="https://social.skynetcloud.site/tags/TheCyberExpressNews" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TheCyberExpressNews</span></a> <a href="https://social.skynetcloud.site/tags/Vulnerabilities" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Vulnerabilities</span></a> <a href="https://social.skynetcloud.site/tags/TheCyberExpress" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TheCyberExpress</span></a> <a href="https://social.skynetcloud.site/tags/FirewallDaily" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>FirewallDaily</span></a> <a href="https://social.skynetcloud.site/tags/CVE20256043" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVE20256043</span></a> <a href="https://social.skynetcloud.site/tags/CyberNews" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberNews</span></a> <a href="https://social.skynetcloud.site/tags/Wordfence" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Wordfence</span></a> <a href="https://social.skynetcloud.site/tags/WordPress" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>WordPress</span></a></p>
toot.wales is one of the many independent Mastodon servers you can use to participate in the fediverse.
We are the Open Social network for Wales and the Welsh, at home and abroad! Y rhwydwaith cymdeithasol annibynnol i Gymru, wedi'i bweru gan Mastodon!
Administered by:
Server stats:
636active users
toot.wales: About · Status · Profiles directory · Privacy policy
Mastodon: About · Get the app · Keyboard shortcuts · View source code · v4.4.2
#wordfence
0 posts · 0 participants · 0 posts today
Pyrzout :vm:<p>New WordPress Malware Hides on Checkout Pages and Imitates Cloudflare <a href="https://hackread.com/wordpress-malware-checkout-pages-imitates-cloudflare/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">hackread.com/wordpress-malware</span><span class="invisible">-checkout-pages-imitates-cloudflare/</span></a> <a href="https://social.skynetcloud.site/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cybersecurity</span></a> <a href="https://social.skynetcloud.site/tags/CyberAttack" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberAttack</span></a> <a href="https://social.skynetcloud.site/tags/Wordfence" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Wordfence</span></a> <a href="https://social.skynetcloud.site/tags/Wordpress" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Wordpress</span></a> <a href="https://social.skynetcloud.site/tags/Security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Security</span></a> <a href="https://social.skynetcloud.site/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>security</span></a> <a href="https://social.skynetcloud.site/tags/Malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Malware</span></a> <a href="https://social.skynetcloud.site/tags/Plugin" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Plugin</span></a> <a href="https://social.skynetcloud.site/tags/Scam" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Scam</span></a></p>
Pyrzout :vm:<p>Flawed WordPress theme may allow admin account takeover on 22,000+ sites (CVE-2025-4322) <a href="https://www.helpnetsecurity.com/2025/05/21/wordpress-motors-theme-cve-2025-4322-admin-account-takeover/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">helpnetsecurity.com/2025/05/21</span><span class="invisible">/wordpress-motors-theme-cve-2025-4322-admin-account-takeover/</span></a> <a href="https://social.skynetcloud.site/tags/accounthijacking" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>accounthijacking</span></a> <a href="https://social.skynetcloud.site/tags/vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>vulnerability</span></a> <a href="https://social.skynetcloud.site/tags/Don" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Don</span></a>'tmiss <a href="https://social.skynetcloud.site/tags/Wordfence" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Wordfence</span></a> <a href="https://social.skynetcloud.site/tags/WordPress" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>WordPress</span></a> <a href="https://social.skynetcloud.site/tags/Hotstuff" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Hotstuff</span></a> <a href="https://social.skynetcloud.site/tags/News" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>News</span></a></p>
Pyrzout :vm:<p>Sneaky WordPress Malware Disguised as Anti-Malware Plugin – Source:hackread.com <a href="https://ciso2ciso.com/sneaky-wordpress-malware-disguised-as-anti-malware-plugin-sourcehackread-com/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">ciso2ciso.com/sneaky-wordpress</span><span class="invisible">-malware-disguised-as-anti-malware-plugin-sourcehackread-com/</span></a> <a href="https://social.skynetcloud.site/tags/1CyberSecurityNewsPost" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>1CyberSecurityNewsPost</span></a> <a href="https://social.skynetcloud.site/tags/CyberSecurityNews" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurityNews</span></a> <a href="https://social.skynetcloud.site/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://social.skynetcloud.site/tags/Vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Vulnerability</span></a> <a href="https://social.skynetcloud.site/tags/Wordfence" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Wordfence</span></a> <a href="https://social.skynetcloud.site/tags/WordPress" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>WordPress</span></a> <a href="https://social.skynetcloud.site/tags/Hackread" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Hackread</span></a> <a href="https://social.skynetcloud.site/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>security</span></a> <a href="https://social.skynetcloud.site/tags/malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>malware</span></a> <a href="https://social.skynetcloud.site/tags/Plugin" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Plugin</span></a> <a href="https://social.skynetcloud.site/tags/PHP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PHP</span></a></p>
Pyrzout :vm:<p>Sneaky WordPress Malware Disguised as Anti-Malware Plugin <a href="https://hackread.com/wordpress-malware-disguised-as-anti-malware-plugin/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">hackread.com/wordpress-malware</span><span class="invisible">-disguised-as-anti-malware-plugin/</span></a> <a href="https://social.skynetcloud.site/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cybersecurity</span></a> <a href="https://social.skynetcloud.site/tags/Vulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Vulnerability</span></a> <a href="https://social.skynetcloud.site/tags/Wordfence" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Wordfence</span></a> <a href="https://social.skynetcloud.site/tags/Wordpress" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Wordpress</span></a> <a href="https://social.skynetcloud.site/tags/Security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Security</span></a> <a href="https://social.skynetcloud.site/tags/Malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Malware</span></a> <a href="https://social.skynetcloud.site/tags/Plugin" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Plugin</span></a> <a href="https://social.skynetcloud.site/tags/PHP" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>PHP</span></a></p>
Sam H (he/him)<p>Morning all. <br>I've been given the joyous job of providing work with a shortlist of UK based Wordpress hosts. <br>Criteria are: <br>UK hosted<br>Supports Wordfence<br>Have an SLA that isn't laughable <br>Can be managed by our marketing dept without them calling me every 30 minutes. </p><p>Anyone got any recommendations? <br><a href="https://mastodon.org.uk/tags/wordpress" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>wordpress</span></a><br><a href="https://mastodon.org.uk/tags/wordfence" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>wordfence</span></a></p>
Pyrzout :vm:<p>100,000+ WordPress Sites at Risk as SureTriggers Exploit Goes Live <a href="https://thecyberexpress.com/suretriggers-vulnerability/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">thecyberexpress.com/suretrigge</span><span class="invisible">rs-vulnerability/</span></a> <a href="https://social.skynetcloud.site/tags/SureTriggersVulnerability" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SureTriggersVulnerability</span></a> <a href="https://social.skynetcloud.site/tags/TheCyberExpressNews" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TheCyberExpressNews</span></a> <a href="https://social.skynetcloud.site/tags/Vulnerabilities" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Vulnerabilities</span></a> <a href="https://social.skynetcloud.site/tags/TheCyberExpress" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>TheCyberExpress</span></a> <a href="https://social.skynetcloud.site/tags/wordpressplugin" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>wordpressplugin</span></a> <a href="https://social.skynetcloud.site/tags/FirewallDaily" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>FirewallDaily</span></a> <a href="https://social.skynetcloud.site/tags/CVE20253102" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CVE20253102</span></a> <a href="https://social.skynetcloud.site/tags/CyberNews" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberNews</span></a> <a href="https://social.skynetcloud.site/tags/Wordfence" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Wordfence</span></a> <a href="https://social.skynetcloud.site/tags/OttoKit" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OttoKit</span></a></p>
Ray Gulick, he/him/wtf 🇺🇦 ❌👑<p>WordFence increases their purchase and renewal price ~25%. I don't believe such a large increase is warranted, especially from a company that refuses to offer bulk pricing.<br>Time to look for a new security solution.<br><a href="https://social.coop/tags/WordFence" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>WordFence</span></a> <br><a href="https://social.coop/tags/WordPress" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>WordPress</span></a></p>
Pierre<p>BuddyPress 14.2.1 Maintenance & Security release</p><p>The “Take Photo” feature (which uses the logged in user’s Webcam to capture their profile photo) was vulnerable to an authenticated (Subscriber+) directory traversal. Discovered by Domons from the Wordfence organization.</p><p><a href="https://mastodon.social/tags/buddypress" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>buddypress</span></a> <a href="https://mastodon.social/tags/wordpress" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>wordpress</span></a> <a href="https://mastodon.social/tags/plugin" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>plugin</span></a> <a href="https://mastodon.social/tags/foss" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>foss</span></a> <a href="https://mastodon.social/tags/opensource" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>opensource</span></a> <a href="https://mastodon.social/tags/software" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>software</span></a> <a href="https://mastodon.social/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>security</span></a> <a href="https://mastodon.social/tags/wordfence" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>wordfence</span></a></p>
pablolarah<p>🔵 How To Find XSS (Cross-Site Scripting) Vulnerabilities in WordPress Plugins and Themes</p><p>by Alex Thomas at @wordfence </p><p><a href="https://mastodon.social/tags/Wordfence" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Wordfence</span></a> <a href="https://mastodon.social/tags/XSS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>XSS</span></a> <a href="https://mastodon.social/tags/CrossSiteScripting" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CrossSiteScripting</span></a> <a href="https://mastodon.social/tags/Wordpress" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Wordpress</span></a> <a href="https://mastodon.social/tags/Tutorial" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Tutorial</span></a> <a href="https://mastodon.social/tags/Security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Security</span></a> </p><p><a href="https://www.wordfence.com/blog/2024/09/how-to-find-xss-cross-site-scripting-vulnerabilities-in-wordpress-plugins-and-themes/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">wordfence.com/blog/2024/09/how</span><span class="invisible">-to-find-xss-cross-site-scripting-vulnerabilities-in-wordpress-plugins-and-themes/</span></a></p>
Reuben Walker<p>Wordfence Launches WordPress Superhero Challenge with Big Rewards. <a href="https://wptavern.com/wordfence-launches-wordpress-superhero-challenge-with-big-rewards" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">wptavern.com/wordfence-launche</span><span class="invisible">s-wordpress-superhero-challenge-with-big-rewards</span></a> <a href="https://me.dm/tags/WordFence" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>WordFence</span></a> <a href="https://me.dm/tags/WordPressSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>WordPressSecurity</span></a></p>
Chris Alemany🇺🇦🇨🇦🇪🇸<p>My website is getting hammered with spam today! I've never seen anything like this. Thank goodness for Wordfence!</p><p>I've deleted at least 100 email notifications like this one so far.<br><a href="https://mstdn.chrisalemany.ca/tags/Wordfence" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Wordfence</span></a> <a href="https://mstdn.chrisalemany.ca/tags/Wordpress" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Wordpress</span></a> <a href="https://mstdn.chrisalemany.ca/tags/Web" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Web</span></a> <a href="https://mstdn.chrisalemany.ca/tags/Spam" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Spam</span></a> <a href="https://mstdn.chrisalemany.ca/tags/DDOS" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>DDOS</span></a></p>
Jos Klever Web Support<p><span class="h-card" translate="no"><a href="https://m.ai6yr.org/@bud_t" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>bud_t</span></a></span> I'm using <a href="https://toot.re/tags/Wordfence" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Wordfence</span></a> (free) on 320+ sites and for many years now and am very happy with it. Of course it's never enough to only have a security plugin, because you also need strong and unique passwords, keeping all your plugins/theme/WP updated and not use any deprecated plugins/themes.</p>
Bud Talbot<p>Folks who use <a href="https://m.ai6yr.org/tags/Wordpress" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Wordpress</span></a> for your <a href="https://m.ai6yr.org/tags/blog" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>blog</span></a> : do you find that <a href="https://m.ai6yr.org/tags/Wordfence" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Wordfence</span></a> (free) does an acceptable job at securing your site? It seems to block the brute force attempts pretty well. Are there other security plugins to consider?</p>
Scottish Lass<p><a href="https://mastodon.scot/tags/Cloudflare" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Cloudflare</span></a> 521 investigations continuing but safe to say <a href="https://mastodon.scot/tags/Wordfence" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Wordfence</span></a> has been eliminated from enquiries. God I've been watching too many <a href="https://mastodon.scot/tags/Police" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Police</span></a> 🚓 👮♀️ procedurals lately. </p><p>Ditto any Wordpress plugins. Did some tests with a completely empty Wordpress multisite install and same 521 errors came <br>intermittently. Wondering if there's any connection to PHP 8.1 at all? Still some deprecations showing from the core WP code. Had a subdomain with static code for several minutes and did not see 521s on it.</p>
Scottish Lass<p>Fixed an issue with a <a href="https://mastodon.scot/tags/Wordfence" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Wordfence</span></a> scan failing the "Server State" check. Turned out there was a missing DNS record. Really gnarly migrating <a href="https://mastodon.scot/tags/Wordpress" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Wordpress</span></a> with Wordfence enabled - should have followed this advice re Extended Protection before starting.<br><a href="https://www.wordfence.com/help/advanced/remove-or-reset/#migrate-with-wordfence" rel="nofollow noopener" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">wordfence.com/help/advanced/re</span><span class="invisible">move-or-reset/#migrate-with-wordfence</span></a></p>
Simon Walters<p>Ever since I installed <a href="https://fosstodon.org/tags/WordFence" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>WordFence</span></a> on my <a href="https://fosstodon.org/tags/WordPress" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>WordPress</span></a> blog site server, it has been an eye-opener as to the brute force attacks that must be taking place everywhere on T'internet. I recommend that you don't have easily guessable site usernames (as I used to) as you just give away half of your security by doing so (please ignore last sentence - I've been corrected)</p>
Simon Walters<p>Ever since I've added <a href="https://fosstodon.org/tags/WordFence" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>WordFence</span></a> to my <a href="https://fosstodon.org/tags/Wordpress" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Wordpress</span></a> blog I'm getting quite a few emails about it blocking users trying to brute force their way in! Obs, this was happening previously but didn't know about it - changed password to password123456! - that'll hold them back :)</p>
Simon Walters<p><span class="h-card"><a href="https://social.mythic-beasts.com/@beasts" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>beasts</span></a></span> After severla passes of <a href="https://fosstodon.org/tags/WordFence" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>WordFence</span></a> and deleting/repairing files , deleting unused plugins and updating everthing in sight -all seems OK now :)</p><p>Excellent customer service from <a href="https://fosstodon.org/tags/MythicBeasts" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MythicBeasts</span></a></p>
Simon Walters<p>!!!! My hosting company <span class="h-card"><a href="https://social.mythic-beasts.com/@beasts" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>beasts</span></a></span> have emailed me to say they've detected some naughty stuff going on on my <a href="https://fosstodon.org/tags/WordPress" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>WordPress</span></a> site :( They recommended installing <a href="https://fosstodon.org/tags/WordFence" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>WordFence</span></a> and currently scanning and attempting to fix it :) Not had this (a website attack) happen to to me in a long long time!</p>
TrendingLive feeds
Mastodon is the best way to keep up with what's happening.
Follow anyone across the fediverse and see it all in chronological order. No algorithms, ads, or clickbait in sight.
Create accountLoginDrag & drop to upload