सार्वजनिक सलाह थीम आयातक CSRF भेद्यता(CVE202510312)
WordPress थीम आयातक प्लगइन <= 1.0 - क्रॉस-साइट अनुरोध धोखाधड़ी भेद्यता
हांगकांग सुरक्षा अलर्ट Lisfinity विशेषाधिकार वृद्धि(CVE20256042)
वर्डप्रेस Lisfinity कोर - Lisfinity कोर प्लगइन जो pebas® Lisfinity वर्डप्रेस थीम प्लगइन <= 1.4.0 के लिए उपयोग किया जाता है - संपादक भेद्यता के लिए बिना प्रमाणीकरण विशेषाधिकार वृद्धि
Oceanpayment Plugin Permits Unauthenticated Order Status Changes(CVE202511728)
WordPress Oceanpayment CreditCard Gateway plugin <= 6.0 - Missing Authentication to Unauthenticated Order Status Update vulnerability
Security Advisory Dynamically Display Posts SQL Injection(CVE202511501)
WordPress Dynamically Display Posts plugin <= 1.1 - Unauthenticated SQL Injection vulnerability
Community Advisory Shortcode Button Stored XSS(CVE202510194)
WordPress शॉर्टकोड बटन प्लगइन <= 1.1.9 - प्रमाणित (योगदानकर्ता+) संग्रहीत क्रॉस-साइट स्क्रिप्टिंग भेद्यता
Community Security Alert Demo Import Kit Vulnerability(CVE202510051)
WordPress Demo Import Kit plugin <= 1.1.0 - Authenticated (Admin+) Arbitrary File Upload vulnerability
Community Alert NEX Forms SQL Injection(CVE202510185)
WordPress NEX-Forms – Ultimate Forms Plugin for WordPress plugin <= 9.1.6 - Authenticated (Admin+) SQL Injection vulnerability
Community Advisory Ovatheme Events Arbitrary Upload(CVE20256553)
WordPress Ovatheme Events Manager plugin <= 1.8.5 - Unauthenticated Arbitrary File Upload vulnerability
Security Advisory Everest Backup Exposes User Data(CVE202511380)
WordPress Everest Backup plugin <= 2.3.5 - Missing Authorization to Unauthenticated Information Exposure vulnerability
HK Security Alert NEX Forms SQL Injection(CVE202510185)
WordPress NEX-Forms – Ultimate Forms Plugin for WordPress plugin <= 9.1.6 - Authenticated (Admin+) SQL Injection vulnerability