Media Author Plugin Broken Access Control Advisory(CVE202558841)
WordPress Media Author Plugin <= 1.0.4 - Broken Access Control Vulnerability
Atec Debug Plugin Administrator File Deletion Risk(CVE20259518)
WordPress atec Debug plugin <= 1.2.22 - Authenticated (Administrator+) Arbitrary File Deletion vulnerability
Hong Kong Security Advisory Make Connector Vulnerability(CVE20256085)
WordPress Make Connector plugin <= 1.5.10 - Authenticated (Administrator+) Arbitrary File Upload vulnerability
Hong Kong Security Alert Skyword Stored XSS(CVE202411907)
WordPress Skyword API Plugin plugin <= 2.5.2 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Community Alert TablePress Stored XSS Vulnerability(CVE20259500)
WordPress TablePress plugin <= 3.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via shortcode_debug Parameter vulnerability
Hong Kong Security Advisory Ocean Extra XSS(CVE20259499)
WordPress Ocean Extra plugin <= 2.4.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via oceanwp_library Shortcode vulnerability
Security Advisory Booster for WooCommerce File Upload(CVE202413342)
WordPress Booster for WooCommerce plugin <= 7.2.4 - Unauthenticated Double Extension Arbitrary File Upload vulnerability
Aviso de seguridad de Hong Kong Vulnerabilidad de Slider Revolution (CVE20259217)
Plugin Slider Revolution de WordPress <= 6.7.36 - Lectura de archivos arbitrarios autenticada (Contribuyente+) a través de la vulnerabilidad 'used_svg' y 'used_images'
Hong Kong Security Alert iATS SQL Injection(CVE20259441)
WordPress iATS Online Forms plugin <= 1.2 - Authenticated (Contributor+) SQL Injection via order Parameter vulnerability
Alerta de Seguridad Vulnerabilidad CSRF de Publicaciones Relacionadas Lite (CVE20259618)
Plugin WordPress Related Posts Lite <= 1.12 - Vulnerabilidad de Cross-Site Request Forgery