Community Advisory PixelYourSite Plugin LFI Risk(CVE202510723)
WordPress PixelYourSite plugin < 11.1.2 - Admin+ LFI vulnerability
Hong Kong Security Alert ZoloBlocks Popup Flaw(CVE202512134)
WordPress ZoloBlocks plugin <= 2.3.11 - Missing Authorization to Unauthenticated Popup Enable/Disable vulnerability
Hong Kong Security Alert WordPress Template CSRF(CVE202512072)
WordPress Disable Content Editor For Specific Template plugin <= 2.0 - Cross-Site Request Forgery to Template Configuration Update vulnerability
Community Alert WordPress RapidResult SQL Injection(CVE202510748)
WordPress RapidResult plugin <= 1.2 - Authenticated (Contributor+) SQL Injection vulnerability
Security Advisory Arbitrary Order Refund Vulnerability(CVE202510570)
WordPress Flexible Refund and Return Order for WooCommerce plugin <= 1.0.38 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Order Refund vulnerability
Urgent Alert PixelYourSite GDPR Settings Exploited(CVE202510588)
WordPress PixelYourSite plugin <= 11.1.2 – Cross-Site Request Forgery to GDPR Options Modification vulnerability
Security Advisory Optimole Image IDOR Vulnerability(CVE202511519)
WordPress Image optimization service by Optimole plugin <= 4.1.0 - Insecure Direct Object Reference to Authenticated (Author+) Media Offload vulnerability
Community Alert LearnPress Unauthenticated Database Access(CVE202511372)
WordPress LearnPress – WordPress LMS Plugin plugin <= 4.2.9.3 - Missing Authorization to Unauthenticated Database Table Manipulation vulnerability
Theme Editor CSRF Risks Remote Code Execution(CVE20259890)
WordPress Theme Editor plugin <= 3.0 - Cross-Site Request Forgery to Remote Code Execution vulnerability
Urgent Advisory LearnPress Database Authorization Flaw(CVE202511372)
WordPress LearnPress – WordPress LMS Plugin plugin <= 4.2.9.3 - Missing Authorization to Unauthenticated Database Table Manipulation vulnerability
English 
Chinese (Hong Kong) 
Chinese (China)