Community Advisory URLYar Stored XSS Risk(CVE202510133)
WordPress URLYar plugin <= 1.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
HK Security Alert WPBakery Cross Site Scripting(CVE202511161)
Plugin WordPress WPBakery Page Builder <= 8.6.1 - Vulnérabilité de Cross-Site Scripting stockée via le shortcode vc_custom_heading
Hong Kong Security Alert WordPress SSO Exposure(CVE202510648)
WordPress Login with YourMembership - YM SSO Login plugin <= 1.1.7 - Missing Authorization to Unauthenticated Sensitive Information Exposure via 'moym_display_test_attributes' vulnerability
Community Security Alert Demo Import Kit(CVE202510051)
WordPress Demo Import Kit plugin <= 1.1.0 - Authenticated (Admin+) Arbitrary File Upload vulnerability
Civic Cybersecurity Alert onOffice SQL Injection(CVE202510045)
WordPress onOffice pour le plugin WP-Websites <= 5.7 - Vulnérabilité d'injection SQL authentifiée (Éditeur+)
Hong Kong Security Advisory Bouton de Code Court XSS(CVE202510194)
Plugin Bouton de Code Court WordPress <= 1.1.9 - Authentifié (Contributeur+) Vulnérabilité de Script Inter-Site Stocké
Hong Kong Security Advisory Theme Importer CSRF(CVE202510312)
WordPress Theme Importer plugin <= 1.0 - Cross-Site Request Forgery vulnerability
Alerte communautaire Vulnérabilité XSS authentifiée du plugin Digiseller (CVE202510141)
Plugin WordPress Digiseller <= 1.3.0 - Vulnérabilité de Cross-Site Scripting stockée authentifiée (Contributeur+)
Hong Kong Security Alert SSO Data Exposure(CVE202510648)
WordPress Login with YourMembership - YM SSO Login plugin <= 1.1.7 - Missing Authorization to Unauthenticated Sensitive Information Exposure via 'moym_display_test_attributes' vulnerability
Hong Kong Security Notice FunKItools CSRF Vulnerability(CVE202510301)
WordPress FunKItools plugin <= 1.0.2 - Cross-Site Request Forgery to Settings Update vulnerability