Hong Kong Security Alert WordPress Stored XSS(CVE20259077)
WordPress Ultra Addons Lite for Elementor plugin <= 1.1.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Animated Text Field vulnerability
Community Advisory WordPress Dispatcher SQL Injection(CVE202510582)
WordPress WP Dispatcher plugin <= 1.2.0 - Authenticated (Contributor+) SQL Injection vulnerability
Hong Kong Security Alert WP Dispatcher Vulnerability(CVE20259212)
WordPress WP Dispatcher plugin <= 1.2.0 - Authenticated (Subscriber+) Arbitrary File Upload vulnerability
Aviso de seguridad de Hong Kong Flexi Plugin XSS (CVE20259129)
Plugin Flexi de WordPress <= 4.28 - Autenticado (Contribuyente+) Vulnerabilidad de Cross-Site Scripting almacenado a través del shortcode flexi-form-tag
Community Alert JoomSport Directory Traversal Vulnerability(CVE20257721)
Vulnerabilidad de inclusión de archivos locales por recorrido de directorio no autenticado en el plugin JoomSport de WordPress <= 5.7.3
Hong Kong Security Advisory MPWizard CSRF Risk(CVE20259885)
WordPress MPWizard plugin <= 1.2.1 - Cross-Site Request Forgery to Arbitrary Post Deletion vulnerability
Hong Kong Advisory ZoloBlocks Stored XSS Risk(CVE20259075)
WordPress ZoloBlocks plugin <= 2.3.10 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Alert Managefy Plugin Information Exposure Risk(CVE202510744)
WordPress File Manager, Code editor, backup by Managefy plugin <= 1.6.1 - Unauthenticated Information Exposure vulnerability
Hong Kong Alert CSRF to Stored XSS(CVE20259946)
WordPress LockerPress – WordPress Security Plugin plugin <= 1.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting vulnerability
Community Alert LatePoint Authentication Bypass Risk(CVE20257038)
WordPress LatePoint plugin <= 5.1.94 - Unauthenticated Authentication Bypass via load_step Function vulnerability