Hong Kong Security Advisory Event Tickets Bypass(CVE202511517)
WordPress Event Tickets and Registration plugin <= 5.26.5 - Unauthenticated Ticket Payment Bypass vulnerability
Community Alert Theme Editor CSRF Enables RCE(CVE20259890)
WordPress Theme Editor plugin <= 3.0 - Cross-Site Request Forgery to Remote Code Execution vulnerability
Hong Kong Security Alert WordPress Map Injection(CVE202511365)
WordPress WP Google Map Plugin plugin <= 1.0 - Authenticated (Contributor+) SQL Injection vulnerability
HK Security Alert Quick Featured Images Flaw(CVE202511176)
WordPress Quick Featured Images plugin <= 13.7.2 - Insecure Direct Object Reference to Image Manipulation vulnerability
Hong Kong Security Advisory WordPress BlindMatrix LFI(CVE202510406)
WordPress BlindMatrix e-Commerce plugin < 3.1 - Contributor+ LFI vulnerability
Avis de la communauté Plugin Felan Identifiants codés en dur (CVE202510850)
Plugin WordPress Felan Framework <= 1.1.4 - Vulnérabilité des identifiants codés en dur
Public Security Notice Truelysell Password Vulnerability(CVE202510742)
WordPress Truelysell Core plugin <= 1.8.6 - Unauthenticated Arbitrary User Password Change vulnerability
Community Alert Felan Framework Unauthorised Plugin Activation(CVE202510849)
WordPress Felan Framework plugin <= 1.1.4 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Activation/Deactivation via process_plugin_actions vulnerability
Hong Kong Security Alert BookWidgets XSS(CVE202510139)
WordPress WP BookWidgets plugin <= 0.9 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Community Advisory WPBakery Stored Cross Site Scripting(CVE202511160)
WordPress WPBakery Page Builder plugin <= 8.6.1 - Stored Cross-Site Scripting via Custom JS Module vulnerability