Hong Kong Security Alert Authenticated File Deletion(CVE20257846)
WordPress User Extra Fields plugin <= 16.7 - Authenticated (Subscriber+) Arbitrary File Deletion via save_fields Function vulnerability
Hong Kong Security Alert WooCommerce Data Exposure(CVE20237320)
WordPress WooCommerce plugin <= 7.8.2 - Sensitive Information Exposure vulnerability
Community Alert CSRF Risk in WordPress Sync(CVE202511976)
WordPress FuseWP – WordPress User Sync to Email List & Marketing Automation (Mailchimp, Constant Contact, ActiveCampaign etc.) plugin <= 1.1.23.0 - Cross-Site Request Forgery to Sync Rule Creation vulnerability
हांगकांग चेतावनी लिस्टियो स्टोर XSS खतरा (CVE20258413)
वर्डप्रेस लिस्टियो प्लगइन <= 2.0.8 - प्रमाणित (योगदानकर्ता+) स्टोर क्रॉस-साइट स्क्रिप्टिंग साउंडक्लाउड शॉर्टकोड भेद्यता के माध्यम से
Hong Kong Security Alert GenerateBlocks Options Exposure(CVE202511879)
WordPress GenerateBlocks plugin <= 2.1.1 - Improper Authorization to Authenticated (Contributor+) Arbitrary Options Disclosure vulnerability
Community Advisory PixelYourSite Plugin LFI Risk(CVE202510723)
WordPress PixelYourSite plugin < 11.1.2 - Admin+ LFI vulnerability
Hong Kong Security Alert ZoloBlocks Popup Flaw(CVE202512134)
WordPress ZoloBlocks plugin <= 2.3.11 - Missing Authorization to Unauthenticated Popup Enable/Disable vulnerability
Hong Kong Security Alert WordPress Template CSRF(CVE202512072)
WordPress Disable Content Editor For Specific Template plugin <= 2.0 - Cross-Site Request Forgery to Template Configuration Update vulnerability
सामुदायिक अलर्ट वर्डप्रेस रैपिडरिजल्ट SQL इंजेक्शन (CVE202510748)
वर्डप्रेस रैपिडरिजल्ट प्लगइन <= 1.2 - प्रमाणित (योगदानकर्ता+) SQL इंजेक्शन भेद्यता
Security Advisory Arbitrary Order Refund Vulnerability(CVE202510570)
WordPress Flexible Refund and Return Order for WooCommerce plugin <= 1.0.38 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Order Refund vulnerability