Hong Kong Security Advisory WordPress Image Exposure(CVE202511176)
WordPress Quick Featured Images plugin <= 13.7.2 - Insecure Direct Object Reference to Image Manipulation vulnerability
Alerte de sécurité communautaire Injection SQL de connexion externe (CVE202511177)
Plugin de connexion externe WordPress <= 1.11.2 - Injection SQL non authentifiée via la vulnérabilité de journal
HK Security Advisory Social Login Stored XSS(CVE202510140)
WordPress Quick Social Login plugin <= 1.4.6 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Alerte de cybersécurité de Hong Kong sur l'injection SQL Office (CVE202510045)
WordPress onOffice pour le plugin WP-Websites <= 5.7 - Vulnérabilité d'injection SQL authentifiée (Éditeur+)
Hong Kong Advisory TopBar CSRF Vulnerability(CVE202510300)
WordPress TopBar plugin <= 1.0.0 - Cross-Site Request Forgery to Settings Update vulnerability
Community Alert Ova Advent Stored XSS(CVE20258561)
WordPress Ova Advent plugin <= 1.1.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode vulnerability
Hong Kong Security Alert File Deletion Risk(CVE202511692)
WordPress Zip Attachments plugin <= 1.6 - Missing Authorization to Limited File Deletion vulnerability
Alerte communautaire Risque de téléchargement du plugin Flex QR (CVE202510041)
Plugin WordPress Flex QR Code Generator <= 1.2.5 - Vulnérabilité de téléchargement de fichiers arbitraires non authentifiés
Community Alert OwnID Authentication Bypass(CVE202510294)
WordPress OwnID Passwordless Login plugin <= 1.3.4 - Authentication Bypass vulnerability
Security Alert WordPress Zip Attachment Exposure(CVE202511701)
WordPress Zip Attachments plugin <= 1.6 - Missing Authorization to Unauthenticated Private And Password-Protected Posts Attachment Disclosure vulnerability