Alerta de seguridad de Hong Kong Vulnerabilidad de JoomSport (CVE20257721)
Vulnerabilidad de inclusión de archivos locales por recorrido de directorio no autenticado en el plugin JoomSport de WordPress <= 5.7.3
Community Alert Notification Bar CSRF Vulnerability(CVE20259895)
WordPress Notification Bar plugin <= 2.2 - Cross-Site Request Forgery vulnerability
Community Alert Meks Easy Maps XSS Vulnerability(CVE20259206)
WordPress Meks Easy Maps plugin <= 2.1.4 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Hong Kong Cybersecurity Alert WordPress Gallery Injection(CVE20259199)
WordPress Woo superb slideshow transition gallery with random effect plugin <= 9.1 - Authenticated (Contributor+) SQL Injection vulnerability
Community Security Notice Authenticated Contributor SQL Injection(CVE20259198)
WordPress Wp cycle text announcement plugin <= 8.1 - Authenticated (Contributor+) SQL Injection vulnerability
Community Advisory Flexi Plugin Stored XSS(CVE20259129)
Plugin Flexi de WordPress <= 4.28 - Autenticado (Contribuyente+) Vulnerabilidad de Cross-Site Scripting almacenado a través del shortcode flexi-form-tag
Hong Kong Security Advisory Video Carousel XSS(CVE20259372)
WordPress Ultimate Multi Design Video Carousel plugin <= 1.4 - Authenticated (Editor+) Stored Cross-Site Scripting vulnerability
Community Security Notice Mobile Site Redirect Vulnerability(CVE20259884)
WordPress Mobile Site Redirect plugin <= 1.2.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting vulnerability
HK NGO alerts Comment Info Detector vulnerability(CVE202510311)
WordPress Comment Info Detector plugin <= 1.0.5 - Cross-Site Request Forgery to Settings Update vulnerability
Hong Kong Security Alert WordPress Stored XSS(CVE20259077)
WordPress Ultra Addons Lite for Elementor plugin <= 1.1.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Animated Text Field vulnerability