Security Advisory Arbitrary Order Refund Vulnerability(CVE202510570)
WordPress Flexible Refund and Return Order for WooCommerce plugin <= 1.0.38 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Order Refund vulnerability
Urgent Alert PixelYourSite GDPR Settings Exploited(CVE202510588)
WordPress PixelYourSite plugin <= 11.1.2 – Cross-Site Request Forgery to GDPR Options Modification vulnerability
Aviso de Seguridad Vulnerabilidad IDOR de Optimole Image(CVE202511519)
Servicio de optimización de imágenes de WordPress por el complemento Optimole <= 4.1.0 - Referencia de objeto directo insegura a Autenticado (Autor+) vulnerabilidad de descarga de medios
Community Alert LearnPress Unauthenticated Database Access(CVE202511372)
WordPress LearnPress – WordPress LMS Plugin plugin <= 4.2.9.3 - Missing Authorization to Unauthenticated Database Table Manipulation vulnerability
Theme Editor CSRF Risks Remote Code Execution(CVE20259890)
WordPress Theme Editor plugin <= 3.0 - Cross-Site Request Forgery to Remote Code Execution vulnerability
Urgent Advisory LearnPress Database Authorization Flaw(CVE202511372)
WordPress LearnPress – WordPress LMS Plugin plugin <= 4.2.9.3 - Missing Authorization to Unauthenticated Database Table Manipulation vulnerability
Hong Kong GSpeech TTS Security Advisory(CVE202510187)
WordPress GSpeech TTS – WordPress Text To Speech Plugin plugin <= 3.17.13 - Authenticated (Admin+) SQL injection vulnerability
Aviso de seguridad de Hong Kong PPOM Inyección SQL (CVE202511691)
WordPress PPOM – Complementos de productos y campos personalizados para WooCommerce plugin <= 33.0.15 - Vulnerabilidad de inyección SQL no autenticada
Public Advisory WordPress Map Plugin Cache Poisoning(CVE202511703)
WordPress WP Go Maps (formerly WP Google Maps) plugin <= 9.0.48 - Unauthenticated Cache Poisoning vulnerability
Alerta de seguridad de Hong Kong: riesgo de XSS en WPBakery (CVE202510006)
Plugin WordPress WPBakery Page Builder <= 8.6 - Vulnerabilidad de scripting entre sitios almacenada autenticada (Contribuyente+)