WP Security

WP Security Vulnerability Report

1000 posts
WWordPress Vulnerability Database

Hong Kong Security Warns WooCommerce Tip Manipulation(CVE20256025)

  • August 14, 2025
WordPress Order Tip for WooCommerce plugin <= 1.5.4 - Unauthenticated Tip Manipulation to Negative Value Leading to Unauthorized Discounts vulnerability
WWordPress Vulnerability Database

Hong Kong NGO warns WordPress QSM CSRF(CVE20256790)

  • August 14, 2025
WordPress QSM plugin < 10.2.3 - Template Creation via CSRF vulnerability
WWordPress Vulnerability Database

Hong Kong Security Advisory WordPress Slider SSRF(CVE20258680)

  • August 14, 2025
WordPress B Slider - Gutenberg Slider Block for WP plugin <= 2.0.0 - Authenticated (Subscriber+) Server-Side Request Forgery vulnerability
WWordPress Vulnerability Database

Hong Kong Security NGO alerts WordPress XSS(CVE20253414)

  • August 14, 2025
WordPress Structured Content plugin < 1.7.0 - Contributor Stored XSS vulnerability
WWordPress Vulnerability Database

Hong Kong NGO warns WordPress Shopify XSS(CVE20257808)

  • August 14, 2025
WordPress WP Shopify plugin < 1.5.4 - Reflected XSS vulnerability
WWordPress Vulnerability Database

Here are some options under seven words: – HK Security NGO Alerts Elementor Addons XSS – Hong Kong Security NGO Alerts Elementor XSS – HK Security NGO Warns Elementor XSS(CVE20258451)

  • August 14, 2025
WordPress Essential Addons for Elementor plugin <= 6.2.2 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via 'data-gallery-items' vulnerability
WWordPress Vulnerability Database

Hong Kong Security NGO WordPress Reflected XSS(CVE20258046)

  • August 14, 2025
WordPress Injection Guard plugin < 1.2.8 - Reflected XSS via $_SERVER['REQUEST_URI'] vulnerability
WWordPress Vulnerability Database

Hong Kong Security Alerts WordPress Graphina XSS(CVE20258867)

  • August 14, 2025
WordPress Graphina - Elementor Charts and Graphs plugin <= 3.1.3 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
WWordPress Vulnerability Database

WordPress Modernize Theme Access Control Vulnerability Advisory(CVE202553343)

  • August 14, 2025
Plugin Name Modernize Type of Vulnerability Broken Access Control CVE Number CVE-2025-53343 Urgency Low CVE Publish Date 2025-08-14…
WWordPress Vulnerability Database

Hong Kong Security Alerts Thim Core CSRF(CVE202553344)

  • August 14, 2025
WordPress Thim Core Plugin <= 2.3.3 - Cross Site Request Forgery (CSRF) Vulnerability
WP Security
© 2025 WP-Security.org Disclaimer: WP-Security.org is an independent, non-profit NGO community committed to sharing WordPress security news and information. We are not affiliated with WordPress, its parent company, or any related entities. All trademarks are the property of their respective owners.

Review My Order

0

Subtotal

Taxes & shipping calculated at checkout

Checkout

 
0
English
Chinese (Hong Kong) Chinese (China) Spanish Hindi French