Community Alert Missing Authorization in Membership Plugin(CVE202511835)
WordPress Paid Membership Subscriptions plugin <= 2.16.4 - Missing Authorization to Unauthenticated Arbitrary Member Subscription Auto Renewal vulnerability
Community Alert Image Comparison Addon Unauthorized Upload(CVE202510896)
WordPress Image Comparison Addon for Elementor plugin <= 1.0.2.2 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Upload vulnerability
Community Alert Image Comparison Addon Upload Vulnerability(CVE202510896)
WordPress Image Comparison Addon for Elementor plugin <= 1.0.2.2 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Upload vulnerability
Security Advisory CSRF in Navigation Links Plugin(CVE202512188)
WordPress Posts Navigation Links for Sections and Headings plugin <= 1.0.1 - Cross-Site Request Forgery to Settings Update vulnerability
DominoKit Plugin Poses Public Security Risk(CVE202512350)
WordPress DominoKit plugin <= 1.1.0 - Missing Authorization to Unauthenticated Settings Update vulnerability
Hong Kong Security Advisory Plugin Privilege Escalation(CVE202512158)
WordPress Simple User Capabilities plugin <= 1.0 - Missing Authorization to Authenticated (Subscriber+) Privilege Escalation vulnerability
Hong Kong Security Alert Payeer Payment Bypass(CVE202511890)
WordPress Crypto Payment Gateway with Payeer for WooCommerce plugin <= 1.0.3 - Unauthenticated Payment Bypass vulnerability
Hong Kong Security Advisory Post SMTP Exposure(CVE202511833)
WordPress Post SMTP plugin <= 3.6.0 - Missing Authorization to Account Takeover via Unauthenticated Email Log Disclosure vulnerability
Protecting Hong Kong Websites Against SiteSEO Vulnerability(CVE202512367)
WordPress SiteSEO plugin <= 1.3.1 - Missing Authorization to Authenticated (Author+) Plugin Settings Update vulnerability
Hong Kong Security Advisory Discourse Plugin Leak(CVE202511983)
WordPress WP Discourse plugin <= 2.5.9 - Authenticated (Author+) Information Exposure vulnerability