Hong Kong Security Advisory OceanWP CSRF Risk(CVE20258891)
Plugin Name OceanWP Type of Vulnerability CSRF CVE Number CVE-2025-8891 Urgency Low CVE Publish Date 2025-08-12 Source URL…
HK security advisory WordPress menu CSRF vulnerability(CVE20258491)
WordPress Easy restaurant menu manager plugin <= 2.0.2 - Cross-Site Request Forgery to Menu Upload vulnerability
HK Security Authenticated WooCommerce POs File Deletion(CVE20255391)
Plugin Name WooCommerce Purchase Orders Type of Vulnerability File deletion vulnerability CVE Number CVE-2025-5391 Urgency High CVE Publish…
Hong Kong NGO warns WordPress XSS risk(CVE20258314)
Plugin Name Software Issue Manager Type of Vulnerability Stored XSS CVE Number CVE-2025-8314 Urgency Low CVE Publish Date…
Hong Kong Security NGO Alerts WordPress Unauthenticated Escalation(CVE20258059)
Critical WordPress B Blocks Plugin Privilege Escalation (CVE-2025-8059): What Site Owners Must Do Now Plugin Name B Blocks…
Hong Kong Security Alert WordPress Unauthenticated Exposure(CVE20254390)
Plugin Name WP Private Content Plus Type of Vulnerability Unauthenticated Information Disclosure CVE Number CVE-2025-4390 Urgency Low CVE…
Hong Kong Security Advisory Stored XSS Slider(CVE20258690)
WordPress Simple Responsive Slider plugin <= 2.0 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Hong Kong Security Advisory WordPress Elementor XSS(CVE20258874)
WordPress Master Addons for Elementor plugin <= 2.0.8.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via fancyBox vulnerability
HK Security Alerts WordPress RT Builder XSS(CVE20258462)
WordPress RT Easy Builder plugin <= 2.3 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Hong Kong Security Warns WordPress Mosaic Generator XSS(CVE20258621)
WordPress Mosaic Generator plugin <= 1.0.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'c' Parameter vulnerability
English 
Chinese (Hong Kong) 
Chinese (China)