Avis de sécurité HK suppression de médias du plugin SEO (CVE202512847)
Plugin SEO tout-en-un WordPress <= 4.8.9 - Vulnérabilité de suppression arbitraire de médias manquant d'autorisation pour les utilisateurs authentifiés (Contributeur+)
Hong Kong Security Advisory Arbitrary Image Move(CVE202512494)
WordPress Image Gallery – Photo Grid & Video Gallery plugin <= 2.12.28 - Improper Authorization to Authenticated (Author+) Arbitrary Image File Move vulnerability
Community Security Alert Wishlist Plugin Deletion Flaw(CVE202512087)
WordPress Wishlist and Save for later for Woocommerce plugin <= 1.1.22 - Insecure Direct Object Reference to Authenticated (Subscriber+) Wishlist Item Deletion vulnerability
Add Multiple Marker Plugin Unauthorized Settings Risk(CVE202511999)
WordPress Add Multiple Marker plugin <= 1.2 - Missing Authorization to Unauthenticated Settings Update vulnerability
Alerte de Sécurité de Hong Kong Exposition d'Informations Non Authentifiée (CVE202511997)
Plugin WordPress Document Pro Elementor – Documentation & Base de Connaissances <= 1.0.9 - Vulnérabilité d'Exposition d'Informations Non Authentifiée
Alerte de sécurité de Hong Kong Vulnérabilité FunnelKit (CVE202510567)
Plugin WordPress FunnelKit < 3.12.0.1 - Vulnérabilité XSS réfléchie
ZoloBlocks Access Control Vulnerability Community Advisory(CVE202549903)
WordPress ZoloBlocks plugin <= 2.3.11 - Broken Access Control vulnerability
Community Alert Easy Digital Downloads Order Risk(CVE202511271)
WordPress Easy Digital Download plugin <= 3.5.2 - Insufficient Verification to Order Manipulation vulnerability
Calendrier des événements de l'avis de sécurité publique Injection SQL (CVE202512197)
Plugin WordPress The Events Calendar 6.15.1.1 - 6.15.9 - Injection SQL non authentifiée via s vulnérabilité
Community Advisory LC Wizard Plugin Authorization Flaw(CVE20255483)
WordPress LC Wizard plugin 1.2.10 - 1.3.0 - Missing Authorization to Unauthenticated Privilege Escalation vulnerability