Hong Kong Security Alert WordPress Stored XSS(CVE20259077)
WordPress Ultra Addons Lite for Elementor plugin <= 1.1.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Animated Text Field vulnerability
Community Advisory WordPress Dispatcher SQL Injection(CVE202510582)
WordPress WP Dispatcher plugin <= 1.2.0 - Authenticated (Contributor+) SQL Injection vulnerability
Alerte de sécurité Hong Kong Vulnérabilité WP Dispatcher (CVE20259212)
Plugin WordPress WP Dispatcher <= 1.2.0 - Vulnérabilité de téléchargement de fichiers arbitraires authentifiés (Abonné+)
Hong Kong Security Advisory Flexi Plugin XSS(CVE20259129)
WordPress Flexi plugin <= 4.28 - Authenticated (Contributor+) Stored Cross-Site Scripting via flexi-form-tag Shortcode vulnerability
Community Alert JoomSport Directory Traversal Vulnerability(CVE20257721)
WordPress JoomSport plugin <= 5.7.3 - Unauthenticated Directory Traversal to Local File Inclusion vulnerability
Avis de sécurité de Hong Kong Risque CSRF MPWizard (CVE20259885)
Plugin WordPress MPWizard <= 1.2.1 - Vulnérabilité de falsification de requête cross-site pour la suppression de publications arbitraires
Hong Kong Advisory ZoloBlocks Stored XSS Risk(CVE20259075)
WordPress ZoloBlocks plugin <= 2.3.10 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Alert Managefy Plugin Information Exposure Risk(CVE202510744)
WordPress File Manager, Code editor, backup by Managefy plugin <= 1.6.1 - Unauthenticated Information Exposure vulnerability
Hong Kong Alert CSRF to Stored XSS(CVE20259946)
WordPress LockerPress – WordPress Security Plugin plugin <= 1.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting vulnerability
Alerte communautaire Risque de contournement d'authentification LatePoint (CVE20257038)
Plugin WordPress LatePoint <= 5.1.94 - Contournement d'authentification non authentifiée via la vulnérabilité de la fonction load_step