GiveWP Donation Plugin Authorization Flaw Advisory(CVE202511228)
WordPress GiveWP – Donation Plugin and Fundraising Platform plugin <= 4.10.0 - Missing Authorization to Unauthenticated Forms-Campaign Association vulnerability
Alerte Hong Kong Flaw de téléchargement de fichiers WordPress (CVE20259212)
Plugin WordPress WP Dispatcher <= 1.2.0 - Vulnérabilité de téléchargement de fichiers arbitraires authentifiés (Abonné+)
Hong Kong Advisory Ird Slider Stored XSS(CVE20259876)
WordPress Ird Slider plugin <= 1.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Community Alert Meks Easy Maps Stored XSS(CVE20259206)
Plugin WordPress Meks Easy Maps <= 2.1.4 - Vulnérabilité de Cross-Site Scripting stockée authentifiée (Contributor+)
Community Alert Backup Bolt Arbitrary File Download(CVE202510306)
WordPress Backup Bolt plugin <= 1.4.1 - Authenticated (Admin+) Arbitrary File Download vulnerability
Alerte de sécurité de Hong Kong Barre de notification CSRF (CVE20259895)
Plugin WordPress Notification Bar <= 2.2 - Vulnérabilité de falsification de requête intersite
Community Alert WPRecovery SQL Injection Threat(CVE202510726)
WordPress WPRecovery plugin <= 2.0 - Unauthenticated SQL Injection to Arbitrary File Deletion vulnerability
Hong Kong Security Notice Missing Plugin Authorization(CVE202510746)
WordPress Integrate Dynamics 365 CRM plugin <= 1.0.9 - Missing Authorization vulnerability
Security Advisory Restrict User Registration CSRF(CVE20259892)
WordPress Restrict User Registration plugin <= 1.0.1 - Cross-Site Request Forgery to Settings Update vulnerability
Avis communautaire CSRF du plugin ContentMX (CVE20259889)
Plugin WordPress ContentMX Content Publisher <= 1.0.6 - Vulnérabilité de falsification de requête inter-sites