HK Security Advisory Events Calendar SQL Injection(CVE20259807)
WordPress The Events Calendar plugin <= 6.15.1 - Unauthenticated SQL Injection vulnerability
Hong Kong Security Alert Enhanced BibliPlug XSS(CVE20259855)
WordPress Enhanced BibliPlug plugin <= 1.3.8 - Authenticated (Contirbutor+) Stored Cross-Site Scripting vulnerability
HK Security Advisory LH Signing Plugin CSRF(CVE20259633)
WordPress LH Signing plugin <= 2.83 - Cross-Site Request Forgery vulnerability
Stored XSS in AzureCurve BBCode Plugin(CVE20258398)
WordPress azurecurve BBCode plugin <= 2.0.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via url Shortcode vulnerability
Hong Kong Security Alert ThemeLoom Widgets XSS(CVE20259861)
WordPress ThemeLoom Widgets plugin <= 1.8.5 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
HK Security Advisory Certifica Stored XSS(CVE20258316)
WordPress Certifica WP plugin <= 3.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via evento Parameter vulnerability
Hong Kong Security Alert Elementor Addons XSS(CVE20258215)
WordPress Responsive Addons for Elementor plugin <= 1.7.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets vulnerability
Aviso de Seguridad de Hong Kong Inyección SQL de CatFolders (CVE20259776)
Plugin CatFolders de WordPress <= 2.5.2 - Inyección SQL autenticada (Autor+) a través de vulnerabilidad de importación CSV
Alerta de ONG de Seguridad de HK PagBank PagSeguro SQL(CVE202510142)
Complemento WordPress PagBank / PagSeguro Connect <= 4.44.3 - Vulnerabilidad de inyección SQL autenticada (Shop Manager+)
Community Security Advisory PeachPay SQL Injection(CVE20259463)
WordPress PeachPay Payments plugin <= 1.117.5 - Authenticated (Contributor+) SQL Injection via order_by Parameter vulnerability