Alerte de sécurité de Hong Kong XSS du parseur README WordPress (CVE20258720)
Plugin WordPress README Parser <= 1.3.15 - XSS stocké authentifié (Contributeur+) via la vulnérabilité du paramètre cible
HK Security Alert WordPress AI Pack Bypass(CVE20257664)
WordPress Al Pack plugin <= 1.0.2 - Missing Authorization to Unauthenticated Premium Feature Activation via check_activate_permission Function vulnerability
HK Security NGO warns WordPress Surbma XSS(CVE20257649)
WordPress Surbma | Recent Comments Shortcode plugin <= 2.0 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Hong Kong Security Alert StoryChief Unauthenticated Upload(CVE20257441)
WordPress StoryChief plugin <= 1.0.42 - Unauthenticated Arbitrary File Upload vulnerability
HK Security Alert Unauthenticated Poll Maker Data(CVE202412575)
WordPress Poll Maker plugin <= 5.8.9 - Unauthenticated Basic Information Exposure vulnerability
HK Security NGO Warns WordPress Validation Flaw(CVE20257507)
WordPress elink – Embed Content plugin <= 1.1.0 - Authenticated (Contributor+) Insufficient Input Validation vulnerability
HK NGO Alerts WordPress Earnware Connect XSS(CVE20257651)
WordPress Earnware Connect plugin <= 1.0.73 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
WordPress User Meta CSRF Exposes Stored XSS(CVE20257688)
WordPress Add User Meta plugin <= 1.0.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting vulnerability
Alerte de sécurité de Hong Kong Flaw LatestCheckins WordPress (CVE20257683)
Plugin LatestCheckins WordPress <= 1 - Vulnérabilité de falsification de requête intersite vers script intersite stocké
HK Security NGO Alerts Unauthenticated File Upload(CVE20256679)
WordPress Bit Form – Contact Form plugin <= 2.20.3 - Unauthenticated Arbitrary File Upload vulnerability