WP Security
WWordPress Vulnerability Database

Safeguard Hong Kong Sites from File Inclusion(CVE20257327)

  • February 10, 2026
Local File Inclusion in WordPress Widget for Google Reviews Plugin
Read More
WWordPress Vulnerability Database

Community Advisory CiyaShop PHP Object Injection(CVE202413824)

  • February 10, 2026
PHP Object Injection in WordPress CiyaShop Theme
Read More
WWordPress Vulnerability Database

HK Security Alert XSS in Events Calendar(CVE20261922)

  • February 10, 2026
Cross Site Scripting (XSS) in WordPress The Events Calendar Shortcode & Block Plugin
Read More
WWordPress Vulnerability Database

Hong Kong Security Alert WCFM Access Vulnerability(CVE20260845)

  • February 10, 2026
Broken Access Control in WordPress WCFM – Frontend Manager for WooCommerce Plugin
Read More
WWordPress Vulnerability Database

Public Advisory WCFM Membership IDOR Vulnerability(CVE202515147)

  • February 10, 2026
Insecure Direct Object References (IDOR) in WordPress WCFM Membership Plugin
Read More
WWordPress Vulnerability Database

PopupKit Access Control Vulnerability Advisory(CVE202514895)

  • February 10, 2026
Broken Access Control in WordPress PopupKit Plugin
Read More
WWordPress Vulnerability Database

WordPress SVG Plugin XSS Advisory Hong Kong(CVE202411184)

  • February 10, 2026
Cross Site Scripting (XSS) in WordPress WP Enabled SVG Plugin
Read More
WWordPress Vulnerability Database

Protect Hong Kong Users from eRoom Exposure(CVE202511760)

  • February 9, 2026
Sensitive Data Exposure in WordPress eRoom Plugin
Read More
WWordPress Vulnerability Database

Protect Hong Kong Websites from Maps XSS(CVE202413648)

  • February 9, 2026
Cross Site Scripting (XSS) in WordPress Maps for WP Plugin
Read More
WWordPress Vulnerability Database

Whydonate Access Control Risk for Users(CVE202510186)

  • February 9, 2026
Broken Access Control in WordPress Whydonate Plugin
Read More
WP Security
© 2025 WP-Security.org Disclaimer: WP-Security.org is an independent, non-profit NGO community committed to sharing WordPress security news and information. We are not affiliated with WordPress, its parent company, or any related entities. All trademarks are the property of their respective owners.

hi there 👋 Sign up to receive awesome WP-Security Alert and update in your inbox, every week.

We don’t spam! Read our privacy policy for more info.

Check your inbox or spam folder to confirm your subscription.

Review My Order

0

Suggested for you

Subtotal

Taxes & shipping calculated at checkout

Checkout

 
0
English
Chinese (Hong Kong) Chinese (China) Spanish Hindi French