Community Alert NEX Forms CSRF Vulnerability(CVE202549399)
WordPress NEX-Forms Plugin <= 9.1.3 - Cross Site Request Forgery (CSRF) Vulnerability
Community Alert Contact Form 7 Deletion Risk(CVE20258141)
Plugin Name Redirection for Contact Form 7 Type of Vulnerability Unauthenticated File Deletion CVE Number CVE-2025-8141 Urgency High…
Alerta de Seguridad Comunitaria Vulnerabilidad del Contact Form 7 (CVE20258289)
Redirección de WordPress para el plugin Contact Form 7 <= 3.2.4 - Inyección de Objeto PHP no autenticada a través de la vulnerabilidad de Deserialización PHAR
Aviso de Seguridad de Hong Kong Contact Manager XSS(CVE20258783)
Complemento de Contact Manager de WordPress <= 8.6.5 - Autenticado (Administrador+) Vulnerabilidad de Cross-Site Scripting almacenado a través de 'title'
Community Alert ColorMag Demo Importer Vulnerability(CVE20259202)
WordPress ColorMag plugin <= 4.0.19 - Missing Authorization to Authenticated (Subscriber+) ThemeGrill Demo Importer Plugin Installation vulnerability
Community Alert Authenticated Stored Cross Site Scripting(CVE20258618)
WordPress WPC Smart Quick View for WooCommerce plugin <= 4.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via woosq_btn Shortcode vulnerability
Community Advisory Contact Form 7 Injection Risk(CVE20258145)
WordPress Redirection for Contact Form 7 plugin <= 3.2.4 - Unauthenticated PHP Object Injection vulnerability
Community Security Alert Easy Digital Downloads CSRF(CVE20258102)
WordPress Easy Digital Downloads plugin <= 3.5.0 - Cross-Site Request Forgery to Plugin Deactivation via edd_sendwp_disconnect and edd_sendwp_remote_install Functions vulnerability
Hong Kong Security Advisory FunnelKit Privilege Escalation(CVE20257654)
Urgent: Privilege Escalation in Automation By Autonami (FunnelKit) — What WordPress Site Owners Must Do Now Plugin Name…
Alert Nexter Blocks Stored Cross Site Scripting(CVE20258567)
WordPress Nexter Blocks plugin <= 4.5.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets vulnerability