Community Alert Trinity Audio Information Exposure(CVE20259196)
WordPress Trinity Audio plugin <= 5.21.0 - Unauthenticated Information Exposure vulnerability
Hong Kong Security Advisory Allegro SQL Injection(CVE202510048)
WordPress My Auctions Allegro Plugin plugin <= 3.6.31 - Authenticated (Admin+) SQL Injection vulnerability
NEXForms Authenticated Admin SQL Injection Alert(CVE202510185)
WordPress NEX-Forms – Ultimate Forms Plugin for WordPress plugin <= 9.1.6 - Authenticated (Admin+) SQL Injection vulnerability
Community Alert Everest Backup Plugin Authorization Failure(CVE202511380)
WordPress Everest Backup plugin <= 2.3.5 - Missing Authorization to Unauthenticated Information Exposure vulnerability
Community Advisory WordPress JobHunt Authorization Bypass(CVE20257374)
WordPress WP JobHunt plugin <= 7.6 Authenticated (Custom+) Authorization Bypass vulnerability
Security Advisory TicketSpot Stored Cross Site Scripting(CVE20259875)
WordPress TicketSpot plugin <= 1.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Community Advisory Meks Easy Maps Stored XSS(CVE20259206)
WordPress Meks Easy Maps plugin <= 2.1.4 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
HK Security Advisory Dynamics 365 CRM Vulnerability(CVE202510746)
WordPress Integrate Dynamics 365 CRM plugin <= 1.0.9 - Missing Authorization vulnerability
Constructor Plugin Authorization Flaw Threatens Community Sites(CVE20259194)
WordPress Constructor plugin <= 1.6.5 - Missing Authorization to Authenticated (Subscriber+) Theme Clean vulnerability
Security Advisory Backup Bolt Plugin File Download(CVE202510306)
WordPress Backup Bolt plugin <= 1.4.1 - Authenticated (Admin+) Arbitrary File Download vulnerability