Avis de sécurité de Hong Kong Vulnérabilité XSS Elizaibots (CVE202549893)
Plugin Elizaibots WordPress <= 1.0.2 - Vulnérabilité de Cross Site Scripting (XSS)
ONG de HK avertit de l'injection d'objet CSRF WordPress (CVE202549895)
WordPress ServerBuddy by PluginBuddy.com plugin <= 1.0.5 - CSRF to PHP Object Injection vulnerability
Hong Kong Security WordPress Profile Builder XSS(CVE20258896)
Plugin Name Profile Builder Type of Vulnerability Stored XSS CVE Number CVE-2025-8896 Urgency Medium CVE Publish Date 2025-08-16…
Flaw de confidentialité WordPress BetterDocs expose des publications privées(CVE20257499)
Nom du plugin BetterDocs Type de vulnérabilité Contrôle d'accès rompu Numéro CVE CVE-2025-7499 Urgence Faible Date de publication CVE 2025-08-16…
Hong Kong Security NGO alerts Soledad LFI(CVE20258142)
WordPress Soledad plugin <= 8.6.7 - Authenticated (Contributor+) Local File Inclusion via 'header_layout' vulnerability
Hong Kong Security Alert WordPress iFrame XSS(CVE20258089)
WordPress Advanced iFrame plugin <= 2025.6 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Hong Kong Security Advisory WordPress Soledad Stored XSS(CVE20258143)
WordPress Soledad plugin <= 8.6.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'pcsml_smartlists_h' vulnerability
Hong Kong Security NGO Warns Unauthenticated Shortcode(CVE20258105)
WordPress Soledad plugin <= 8.6.7 - Unauthenticated Arbitrary Shortcode Execution vulnerability
Une ONG de Hong Kong avertit de la vulnérabilité du shortcode ProfilePress (CVE20258878)
Plugin WordPress ProfilePress <= 4.16.4 - Vulnérabilité d'exécution de shortcode arbitraire non authentifiée
HK Security NGO Warns CF7 Directory Traversal(CVE20258464)
WordPress Drag and Drop Multiple File Upload for Contact Form 7 plugin <= 1.3.9.0 - Directory Traversal via `wpcf7_guest_user_id` Cookie vulnerability