GiveWP Donation Plugin Authorization Flaw Advisory(CVE202511228)
WordPress GiveWP – Donation Plugin and Fundraising Platform plugin <= 4.10.0 - Missing Authorization to Unauthenticated Forms-Campaign Association vulnerability
Hong Kong Alert WordPress File Upload Flaw(CVE20259212)
WordPress WP Dispatcher plugin <= 1.2.0 - Authenticated (Subscriber+) Arbitrary File Upload vulnerability
Hong Kong Advisory Ird Slider Stored XSS(CVE20259876)
WordPress Ird Slider plugin <= 1.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Community Alert Meks Easy Maps Stored XSS(CVE20259206)
WordPress Meks Easy Maps plugin <= 2.1.4 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Community Alert Backup Bolt Arbitrary File Download(CVE202510306)
WordPress Backup Bolt plugin <= 1.4.1 - Authenticated (Admin+) Arbitrary File Download vulnerability
Hong Kong Security Alert Notification Bar CSRF(CVE20259895)
WordPress Notification Bar plugin <= 2.2 - Cross-Site Request Forgery vulnerability
Community Alert WPRecovery SQL Injection Threat(CVE202510726)
WordPress WPRecovery plugin <= 2.0 - Unauthenticated SQL Injection to Arbitrary File Deletion vulnerability
Hong Kong Security Notice Missing Plugin Authorization(CVE202510746)
WordPress Integrate Dynamics 365 CRM plugin <= 1.0.9 - Vulnerabilidad de falta de autorización
Security Advisory Restrict User Registration CSRF(CVE20259892)
WordPress Restrict User Registration plugin <= 1.0.1 - Cross-Site Request Forgery to Settings Update vulnerability
ContentMX Plugin CSRF Community Advisory(CVE20259889)
WordPress ContentMX Content Publisher plugin <= 1.0.6 - Cross-Site Request Forgery vulnerability