wordfence (@wordfence@mastodon.social)
Wordfence Intelligence Weekly WordPress Vulnerability Report (March 30, 2026 to April 5, 2026)
54 vulnerabilities disclosed in 49 WordPress plugins. 36 researchers contributed to WordPress security.
5 Critical | 14 High | 35 Medium
52 patched, 2 unpatched.
#WordPress #Security #Vulnerabilities
Show Original Post
veloxstudio (@veloxstudio@mastodon.social)
Available for web projects — WordPress, custom sites, and CMS migrations.
Recent work: NationBuilder redesigns, WooCommerce builds, static site migrations, and performance optimization (we've turned 4s LCP scores into sub-1s).
If your org needs a site that actually works on mobile and loads fast, DM us or email veloxstudio@proton.me.
Portfolio: veloxstudio.surge.sh
#FediHire #WebDev #WordPress #SmallBusiness #FreelanceWebDev
Show Original Post
veloxstudio (@veloxstudio@mastodon.social)
WordPress performance tip that takes 5 minutes:
Replace your hero image with a properly sized WebP. Add width/height attributes and fetchpriority="high" to the img tag.
Most sites load a 3MB JPEG that takes 4+ seconds on mobile. A 200KB WebP loads in under 1 second and your Largest Contentful Paint score jumps 30+ points.
Free tools: Squoosh for image conversion, PageSpeed Insights for before/after proof.
#WordPress #WebPerformance #WebDev
Show Original Post
WordPress (@WordPress@mastodon.world)
There was something special about seeing young people come together to learn and create at YouthCamp during WordCamp Asia 2026. Their curiosity, energy, and ideas made it a memorable part of the event.
Show Original Post
Bied (@Bied@digitalhub.social)
Schweizer Käse und die Sicherheit. 🤢
Ob es in Deutschland auch so viele Löcher in der Sicherheit gibt wie im Emmentaler?
Vermutlich ist es in Deutschland sehr ähnlich, denn die naiven Web-Designer lernen meist nicht dazu. Die Kunden "glauben" und wissen zu wenig. Eine Melange die nur einen Gewinner kennt.
Damit Kriminelle es nicht zu schwer haben:
"Laut diesen Daten laufen 16 Prozent aller Schweizer Domains auf Servern mit äusserst gefährlichen Schwachstellen. Dabei handelt es sich um Sicherheitslücken mit einem CVSS-Score von 9,0 oder höher. Das heisst: ein Angreifer könnte ohne Authentifizierung und ohne Benutzerinteraktion die vollständige Kontrolle über betroffene Systeme erlangen, wie Risikomonitor mitteilt."
Speziell #WordPress ist bei den naiven Nutzern sehr beliebt:
"Es stellt unter anderem fest, dass 12 Prozent aller gescannter Wordpress-Installationen seit längerem nicht mehr aktualisiert worden seien. Cyberkriminelle können diese Installationen etwa zum Verschicken von Spam missbrauchen."
Spart Zeit und Geld, leider nur bei den Kriminellen. 🔥
Show Original Post
le-travail-de-dentelle-sur-un-site-ou-un-blog (@le-travail-de-dentelle-sur-un-site-ou-un-blog@vincentbreton.fr)
Le travail de dentelle sur un site ou un blog
J'aime de temps en temps, reprendre la mise en forme du site et faire mon petit travail de dentellehttps://vincentbreton.fr/le-travail-de-dentelle-sur-un-site-ou-un-blog/
Show Original Post
maniabel (@maniabel@mastodon.de)
Am 7. April 2026 wurde das Update-System des Smart Slider 3 Pro-Plugins für WordPress und Joomla von Angreifenden kompromittiert. Mehr: https://digiprax.maniabel.work/archiv/1257
#malware #wordpress #joomla #plugin #SmartSliderPro #infosec #up2date
Show Original Post
WordPress (@WordPress@mastodon.world)
Contributor Day at WordCamp Asia 2026 brought people together from across the community to collaborate, connect, and contribute. From shared ideas to new friendships, it was a meaningful start to the week in Mumbai.
Show Original Post
gaelanlloyd (@gaelanlloyd@mastodon.social)
Made some housekeeping tweaks to my first officially-published WordPress plugin:
- Added a quick demo GIF to show what it does
- Renamed the plugin and updated the tags (hopefully clearer now)
The plugin is a little QoL addition to WP that I find invaluable. Would love to hear if anyone else finds it useful!
https://wordpress.org/plugins/edit-by-id/
Show Original Post
chirpbirb (@chirpbirb@meow.social)
Content warning:discussing wordpress and a potential bug in their pricing page
hey, i really want to make sure i'm not making something up before writing about it so i need your help since i block a lot of javascript and shit on my end to make websites not steal my information.
does the wordpress.com site not actually list pricing on their pricing page? i don't see anything coming up that equates to anything resembling a dollar amount on my end across multiple different browsers. this is what i see
Show Original Post
picu (@picu@mastodon.social)
March update is out! Here's what we've been working on:
– Improved Image Protection (Pro)
– WordPress 7.0 Compatibility
– New ideas brewing for the future of picu
Read more in our monthly update for March 2026:
🔗 https://picu.io/blog/update-march-2026/
Show Original Post
Analyst207 (@Analyst207@mastodon.social)
Hackers Exploit Smart Slider Plugin to Deploy Malicious Code
Hackers have hijacked the update system for the popular Smart Slider 3 Pro plugin, deploying a malicious release that lets them take control of affected websites. This alarming breach highlights the vulnerability of even trusted software update channels to exploitation.
#SupplyChain #Wordpress #Joomla #SmartSlider #MalwareOperations
Show Original Post