Community Alert Hub Theme Authorization Weakness(CVE20250951)
WordPress Hub theme <= 5.0.7 - Missing Authorization to Authenticated (Subscriber+) All Plugins Deactivated vulnerability
Urgent Advisory Managefy Plugin Path Traversal(CVE20259345)
WordPress File Manager, Code Editor, and Backup by Managefy plugin <= 1.4.8 - Authenticated (Admin+) Path Traversal to Arbitrary File Download vulnerability
Hong Kong Security Alert StopBadBots Bypass(CVE20259376)
WordPress StopBadBots plugin <= 11.58 - Insufficient Authorization to Unauthenticated Blocklist Bypass vulnerability
Hong Kong Security Alert ULike Pro Risk(CVE20249648)
WordPress WP ULike Pro plugin <= 1.9.3 - Unauthenticated Limited Arbitrary File Upload vulnerability
Hong Kong Security Advisory Contributor Stored XSS(CVE20259346)
WordPress Booking Calendar plugin <= 10.14.1 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Community Advisory Pronamic Google Maps XSS(CVE20259352)
WordPress Pronamic Google Maps plugin <= 2.4.1 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Hong Kong Security Advisory UsersWP Stored XSS(CVE20259344)
WordPress UsersWP plugin <= 1.2.42 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Hong Kong Security Alert Podlove Plugin Redirect(CVE202558204)
WordPress Podlove Podcast Publisher Plugin <= 4.2.5 - Open Redirection Vulnerability
Public Advisory Bold Page Builder XSS Vulnerability(CVE202558194)
WordPress Bold Page Builder Plugin <= 5.4.3 - Cross Site Scripting (XSS) Vulnerability
Epeken All Kurir Plugin XSS Security Notice(CVE202558212)
WordPress Epeken All Kurir Plugin <= 2.0.1 - Cross Site Scripting (XSS) Vulnerability