Media Author Plugin Broken Access Control Advisory(CVE202558841)
WordPress Media Author Plugin <= 1.0.4 - Broken Access Control Vulnerability
Atec Debug Plugin Administrator File Deletion Risk(CVE20259518)
WordPress atec Debug plugin <= 1.2.22 - Authenticated (Administrator+) Arbitrary File Deletion vulnerability
Hong Kong Security Advisory Make Connector Vulnerability(CVE20256085)
WordPress Make Connector plugin <= 1.5.10 - Authenticated (Administrator+) Arbitrary File Upload vulnerability
Hong Kong Security Alert Skyword Stored XSS(CVE202411907)
WordPress Skyword API Plugin plugin <= 2.5.2 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Alerte communautaire : vulnérabilité XSS stockée de TablePress (CVE20259500)
Plugin WordPress TablePress <= 3.2 - Authentifié (Contributeur+) vulnérabilité de script intersite stocké via le paramètre shortcode_debug
Hong Kong Security Advisory Ocean Extra XSS(CVE20259499)
WordPress Ocean Extra plugin <= 2.4.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via oceanwp_library Shortcode vulnerability
Security Advisory Booster for WooCommerce File Upload(CVE202413342)
WordPress Booster for WooCommerce plugin <= 7.2.4 - Unauthenticated Double Extension Arbitrary File Upload vulnerability
Avis de sécurité de Hong Kong Slider Revolution Vulnerability (CVE20259217)
Plugin WordPress Slider Revolution <= 6.7.36 - Authentifié (Contributeur+) Lecture de fichier arbitraire via la vulnérabilité 'used_svg' et 'used_images'
Hong Kong Security Alert iATS SQL Injection(CVE20259441)
WordPress iATS Online Forms plugin <= 1.2 - Authenticated (Contributor+) SQL Injection via order Parameter vulnerability
Security Alert Related Posts Lite CSRF Vulnerability(CVE20259618)
WordPress Related Posts Lite plugin <= 1.12 - Cross-Site Request Forgery vulnerability