Security Advisory Arbitrary Order Refund Vulnerability(CVE202510570)
WordPress Flexible Refund and Return Order for WooCommerce plugin <= 1.0.38 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Order Refund vulnerability
Urgent Alert PixelYourSite GDPR Settings Exploited(CVE202510588)
WordPress PixelYourSite plugin <= 11.1.2 – Cross-Site Request Forgery to GDPR Options Modification vulnerability
Security Advisory Optimole Image IDOR Vulnerability(CVE202511519)
WordPress Image optimization service by Optimole plugin <= 4.1.0 - Insecure Direct Object Reference to Authenticated (Author+) Media Offload vulnerability
सामुदायिक चेतावनी LearnPress अनधिकृत डेटाबेस एक्सेस (CVE202511372)
वर्डप्रेस LearnPress - वर्डप्रेस LMS प्लगइन प्लगइन <= 4.2.9.3 - अनधिकृत डेटाबेस तालिका हेरफेर भेद्यता के लिए प्राधिकरण की कमी
थीम संपादक CSRF जोखिम दूरस्थ कोड निष्पादन(CVE20259890)
वर्डप्रेस थीम संपादक प्लगइन <= 3.0 - दूरस्थ कोड निष्पादन के लिए क्रॉस-साइट अनुरोध धोखाधड़ी भेद्यता
Urgent Advisory LearnPress Database Authorization Flaw(CVE202511372)
वर्डप्रेस LearnPress - वर्डप्रेस LMS प्लगइन प्लगइन <= 4.2.9.3 - अनधिकृत डेटाबेस तालिका हेरफेर भेद्यता के लिए प्राधिकरण की कमी
Hong Kong GSpeech TTS Security Advisory(CVE202510187)
WordPress GSpeech TTS – WordPress Text To Speech Plugin plugin <= 3.17.13 - Authenticated (Admin+) SQL injection vulnerability
Hong Kong Security Notice PPOM SQL Injection(CVE202511691)
WordPress PPOM – Product Addons & Custom Fields for WooCommerce plugin <= 33.0.15 - Unauthenticated SQL Injection vulnerability
Public Advisory WordPress Map Plugin Cache Poisoning(CVE202511703)
WordPress WP Go Maps (formerly WP Google Maps) plugin <= 9.0.48 - Unauthenticated Cache Poisoning vulnerability
Hong Kong Security Alert WPBakery XSS Risk(CVE202510006)
WordPress WPBakery Page Builder plugin <= 8.6 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability