Alerta de seguridad CSRF del cuadro de comentarios Duoshuo (CVE202548318)
Plugin de cuadro de comentarios sociales Duoshuo de WordPress <= 1.2 - Vulnerabilidad de Cross Site Request Forgery (CSRF) para cambio de configuración
Community Alert Baidu Share Button Stored XSS(CVE202548320)
WordPress 百度分享按钮 plugin <= 1.0.6 - CSRF to Stored XSS vulnerability
Hong Kong Security Advisory Mesa Widget XSS(CVE202548319)
WordPress Mesa Mesa Reservation Widget plugin <= 1.0.0 - Cross Site Scripting (XSS) vulnerability
Hong Kong Advisory CSRF Enables Stored XSS(CVE202548321)
WordPress Ultimate twitter profile widget plugin <= 1.0 - CSRF to Stored XSS vulnerability
Community Alert Bravis Plugin Account Takeover(CVE20255060)
Plugin Name Bravis User Type of Vulnerability Account takeover vulnerability CVE Number CVE-2025-5060 Urgency High CVE Publish Date…
HK NGO Alert Social Login Authentication Bypass(CVE20255821)
WordPress Case Theme User plugin <= 1.0.3 - Authentication Bypass via Social Login vulnerability
Hong Kong Security Advisory Ogulo 360 XSS(CVE20259131)
Plugin Name Ogulo – 360° Tour Type of Vulnerability Authenticated Stored XSS CVE Number CVE-2025-9131 Urgency Low CVE…
Hong Kong Security Advisory Ni WooCommerce Vulnerability(CVE20257827)
WordPress Ni WooCommerce Customer Product Report plugin <= 1.2.4 - Missing Authorization to Authenticated (Subscriber+) Settings Update vulnerability
Alerta de Seguridad de Hong Kong ShortcodeHub XSS Almacenado(CVE20257957)
WordPress ShortcodeHub plugin <= 1.7.1 - Vulnerabilidad de Secuencias de Comando en Sitios Cruzados Almacenada (Contribuyente+) a través del parámetro author_link_target
Community Alert Authenticated XSS in WS Addons(CVE20258062)
WordPress WS Theme Addons plugin <= 2.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via ws_weather Shortcode vulnerability