offseq (@offseq@infosec.exchange)
⚠️ CVE-2025-13614: HIGH-severity stored XSS in wpkube Cool Tag Cloud plugin (all versions). Authenticated contributors can inject malicious JS via shortcode, risking credential theft & site compromise. Audit permissions & monitor usage. Details: https://radar.offseq.com/threat/cve-2025-13614-cwe-79-improper-neutralization-of-i-7f71da3c #OffSeq #WordPress #XSS
Show Original Post
strefalinux (@strefalinux@mastodon.social)
Już tylko godziny dzielą nas od WordUp w Gdyni! Wszyscy miłośnicy WordPressa są mile widziani, rejestracja na https://wpgdynia.pl/ Na Strefie niedługo po wydarzeniu pojawi się relacja foto oraz opis wydarzenia. Do zobaczenia w Gdyni! :)
#wordpress #wpgdynia #wordup #gdynia #strefalinux #linux
PS. Gdyby ktoś chciał przybić piątkę lub wymienić się spostrzeżeniami to będę miał koszulkę z logo Strefy 🐧
Show Original Post
spic (@spic@nrw.social)
Wow, seit über einen Jahr, gab es kein #Update mehr für die Version 4, des #Divi PageBuilder für #WordPress, jetzt ist 4.27.5 erschienen :) https://www.divichangelog.com/divi-update/version-4-27-5
Show Original Post
WebAppsMagazine (@WebAppsMagazine@mastodon.uno)
4 #Plugin essenziali per il tuo #blog #WordPress nel #Fediverso
@diggita @fediverso
Show Original Post
offseq (@offseq@infosec.exchange)
🚨 CVE-2025-12850: HIGH severity SQL Injection in My auctions allegro WordPress plugin (all versions ≤3.6.32). Unauthenticated attackers can extract sensitive DB data. Patch when available, use WAF/input validation now. Details: https://radar.offseq.com/threat/cve-2025-12850-cwe-89-improper-neutralization-of-s-a9c55820 #OffSeq #WordPress #Vuln
Show Original Post
lmillucci (@lmillucci@mastodon.uno)
A few weeks ago I worked on adding Google Analytics tracking for search term entered by customers on a "Filterable Galleries" component provided by #Elementor for #WordPress. Since there are several steps to follow, I saved the procedure and posted it on my blog.
https://lorenzomillucci.it/posts/2025/2025-11-16-elementor-filterable-gallery-tracking-with-gtm/
Show Original Post
official_aptivi (@official_aptivi@mastodon.social)
Are you ready for the bold Aptivi redesign in the new year?
#Aptivi #Branding #website #blogging #design #logos #logo #TechNews #TechUpdates #blog #WordPress #brand
https://officialaptivi.wordpress.com/2025/12/05/modernizing-our-brand-even-further/
Show Original Post
offseq (@offseq@infosec.exchange)
🔥 CRITICAL: CVE-2025-12374 in 'User Verification by PickPlugins' (WP, ≤2.0.39) allows auth bypass via empty OTP—admin takeover possible. Disable plugin or implement WAF rules until patched! https://radar.offseq.com/threat/cve-2025-12374-cwe-287-improper-authentication-in--8c3c4127 #OffSeq #WordPress #CVE202512374
Show Original Post
offseq (@offseq@infosec.exchange)
⚠️ CRITICAL: CVE-2025-13313 in dripadmin CRM Memberships (≤2.5) lets unauth attackers reset user passwords & harvest emails via unprotected AJAX endpoints. Restrict access, monitor for abuse, patch ASAP. Details: https://radar.offseq.com/threat/cve-2025-13313-cwe-862-missing-authorization-in-dr-61158105 #OffSeq #WordPress #ThreatIntel #CVE202513313
Show Original Post
wpbot (@wpbot@wptoots.social)
@wordpress/media-fields https://developer.wordpress.org/block-editor/reference-guides/packages/packages-media-fields/ #WordPress #wpdev
Show Original Post
offseq (@offseq@infosec.exchange)
🚨 CVE-2025-13066: HIGH severity vuln in kraftplugins Demo Importer Plus (all versions). Author+ users can upload dangerous files & trigger RCE. No patch yet—restrict access, monitor uploads, use WAFs. https://radar.offseq.com/threat/cve-2025-13066-cwe-434-unrestricted-upload-of-file-299ff291 #OffSeq #WordPress #Vuln #RCE
Show Original Post
talentodigital (@talentodigital@mastodon.social)
Optimizar Web en WordPress
Tu web es lenta y necesita mejorar para los rankings en buscadores.
Te ayudamos.
👉🏻 https://talentodigital.com/servicios-wordpress/
#TalentoDigital #Digitalizar #WordPress #MarketingDigital #TransformaciónDigital
Show Original Post