Hong Kong Security Advisory UsersWP SQL Injection(CVE202510003)
WordPress UsersWP plugin <= 1.2.44 - Authenticated (Subscriber+) SQL Injection vulnerability
Community Alert Rehub Theme Shortcode Vulnerability(CVE20257366)
WordPress Rehub theme <= 19.9.7 - Unauthenticated Arbitrary Shortcode Execution via re_filterpost vulnerability
Security Advisory Smart Table Builder Stored XSS(CVE20259126)
WordPress Smart Table Builder plugin <= 1.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via id Parameter vulnerability
AdForest Theme Admin Access Bypass Advisory(CVE20258359)
WordPress AdForest theme <= 6.0.9 - Authentication Bypass to Admin vulnerability
Community Security Advisory Easy Social Feed XSS(CVE20256067)
WordPress Easy Social Feed plugin <= 6.6.7 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting vulnerability
Alerta de seguridad de HK Element Kit XSS (CVE20258360)
Plugin de LA-Studio Element Kit para Elementor de WordPress <= 1.5.5.1 - Vulnerabilidad de scripting entre sitios (XSS) almacenado autenticado (Contribuyente+) a través de múltiples widgets
Aviso de seguridad Plugin Simple Gallery Inyección SQL(CVE202558881)
Nuevo plugin Simple Gallery de WordPress <= 8.0 - Vulnerabilidad de inyección SQL
Vulnerabilidad del plugin de menú responsivo eDS de Community Alert (CVE202558839)
Vulnerabilidad de inyección de objeto PHP en el plugin de menú responsivo eDS de WordPress <= 1.2
Media Author Plugin Broken Access Control Advisory(CVE202558841)
WordPress Media Author Plugin <= 1.0.4 - Broken Access Control Vulnerability
Atec Debug Plugin Administrator File Deletion Risk(CVE20259518)
WordPress atec Debug plugin <= 1.2.22 - Authenticated (Administrator+) Arbitrary File Deletion vulnerability