Hong Kong NGO alerts contributors about XSS(CVE20257496)
WordPress WPC Smart Compare for WooCommerce plugin <= 6.4.7 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting vulnerability
हांगकांग सुरक्षा सलाह FunnelKit अधिकार वृद्धि (CVE20257654)
वर्डप्रेस फनलकिट प्लगइन <= 3.11.0.2 - विशेषाधिकार वृद्धि सुरक्षा दोष
Community Advisory Real Spaces Administrator Escalation(CVE20256758)
WordPress Real Spaces - WordPress Properties Directory Theme plugin <= 3.6 - Unauthenticated Privilege Escalation to Administrator via 'imic_agent_register' vulnerability
Community Alert Cloudflare Image Resizing Exploit(CVE20258723)
WordPress Cloudflare Image Resizing plugin <= 1.5.6 - Missing Authentication to Unauthenticated Remote Code Execution via rest_pre_dispatch Hook vulnerability
Hong Kong Security Advisory Flexible Maps XSS(CVE20258622)
WordPress Flexible Maps plugin <= 1.18.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Flexible Maps Shortcode vulnerability
Hong Kong Security Alert Real Spaces Escalation(CVE20258218)
WordPress Real Spaces - WordPress Properties Directory Theme plugin <= 3.5 - Authenticated (Subscriber+) Privilege Escalation to Administrator via 'change_role_member' vulnerability
हांगकांग सुरक्षा चेतावनी मीडिया लाइब्रेरी हटाना (CVE20258357)
वर्डप्रेस मीडिया लाइब्रेरी सहायक प्लगइन <= 3.27 - प्रमाणित (लेखक+) सीमित फ़ाइल हटाने की भेद्यता
Community Alert Emmet Plugin XSS Threat(CVE202549894)
WordPress WP Emmet plugin <= 0.3.4 - Cross Site Scripting (XSS) vulnerability
Hong Kong Security Notice Elizaibots XSS Vulnerability(CVE202549893)
WordPress Elizaibots plugin <= 1.0.2 - Cross Site Scripting (XSS) vulnerability
HK NGO warns WordPress CSRF Object Injection(CVE202549895)
WordPress ServerBuddy by PluginBuddy.com plugin <= 1.0.5 - CSRF to PHP Object Injection vulnerability