Hong Kong Security Advisory UsersWP SQL Injection(CVE202510003)
WordPress UsersWP plugin <= 1.2.44 - Authenticated (Subscriber+) SQL Injection vulnerability
Community Alert Rehub Theme Shortcode Vulnerability(CVE20257366)
WordPress Rehub theme <= 19.9.7 - Unauthenticated Arbitrary Shortcode Execution via re_filterpost vulnerability
Security Advisory Smart Table Builder Stored XSS(CVE20259126)
WordPress Smart Table Builder plugin <= 1.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via id Parameter vulnerability
AdForest Theme Admin Access Bypass Advisory(CVE20258359)
WordPress AdForest theme <= 6.0.9 - Authentication Bypass to Admin vulnerability
Community Security Advisory Easy Social Feed XSS(CVE20256067)
WordPress Easy Social Feed plugin <= 6.6.7 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting vulnerability
HK Security Alert Element Kit XSS(CVE20258360)
WordPress LA-Studio Element Kit for Elementor plugin <= 1.5.5.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets vulnerability
Security Advisory Simple Gallery Plugin SQL Injection(CVE202558881)
WordPress New Simple Gallery Plugin <= 8.0 - SQL Injection Vulnerability
Community Alert eDS Responsive Menu Plugin Vulnerability(CVE202558839)
WordPress eDS Responsive Menu Plugin <= 1.2 - PHP Object Injection Vulnerability
Media Author Plugin Broken Access Control Advisory(CVE202558841)
WordPress Media Author Plugin <= 1.0.4 - Broken Access Control Vulnerability
Atec Debug Plugin Administrator File Deletion Risk(CVE20259518)
WordPress atec Debug plugin <= 1.2.22 - Authenticated (Administrator+) Arbitrary File Deletion vulnerability