WP Security
WWordPress Vulnerability Database

HK Security NGO warns WordPress Surbma XSS(CVE20257649)

  • August 16, 2025
WordPress Surbma | Recent Comments Shortcode plugin <= 2.0 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Read More
WWordPress Vulnerability Database

Hong Kong Security Alert StoryChief Unauthenticated Upload(CVE20257441)

  • August 16, 2025
WordPress StoryChief plugin <= 1.0.42 - Unauthenticated Arbitrary File Upload vulnerability
Read More
WWordPress Vulnerability Database

HK Security Alert Unauthenticated Poll Maker Data(CVE202412575)

  • August 16, 2025
WordPress Poll Maker plugin <= 5.8.9 - Unauthenticated Basic Information Exposure vulnerability
Read More
WWordPress Vulnerability Database

HK Security NGO Warns WordPress Validation Flaw(CVE20257507)

  • August 16, 2025
WordPress elink – Embed Content plugin <= 1.1.0 - Authenticated (Contributor+) Insufficient Input Validation vulnerability
Read More
WWordPress Vulnerability Database

HK NGO Alerts WordPress Earnware Connect XSS(CVE20257651)

  • August 16, 2025
WordPress Earnware Connect plugin <= 1.0.73 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Read More
WWordPress Vulnerability Database

WordPress User Meta CSRF Exposes Stored XSS(CVE20257688)

  • August 16, 2025
WordPress Add User Meta plugin <= 1.0.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting vulnerability
Read More
WWordPress Vulnerability Database

Hong Kong Security Alert WordPress LatestCheckins Flaw(CVE20257683)

  • August 16, 2025
WordPress LatestCheckins plugin <= 1 - Cross-Site Request Forgery to Stored Cross-Site Scripting vulnerability
Read More
WWordPress Vulnerability Database

HK Security NGO Alerts Unauthenticated File Upload(CVE20256679)

  • August 15, 2025
WordPress Bit Form – Contact Form plugin <= 2.20.3 - Unauthenticated Arbitrary File Upload vulnerability
Read More
WWordPress Vulnerability Database

Hong Kong Security Alerts WordPress Access Flaw(CVE202549895)

  • August 15, 2025
WordPress School Management Plugin <= 93.2.0 - Broken Access Control Vulnerability
Read More
WWordPress Vulnerability Database

HK Security WordPress Video Plugin Access Vulnerability(CVE202549432)

  • August 15, 2025
WordPress Ultimate Video Player Plugin <= 10.1 - Broken Access Control Vulnerability
Read More
WP Security
© 2025 WP-Security.org Disclaimer: WP-Security.org is an independent, non-profit NGO community committed to sharing WordPress security news and information. We are not affiliated with WordPress, its parent company, or any related entities. All trademarks are the property of their respective owners.

hi there 👋 Sign up to receive awesome WP-Security Alert and update in your inbox, every week.

We don’t spam! Read our privacy policy for more info.

Check your inbox or spam folder to confirm your subscription.

Review My Order

0

Subtotal

Taxes & shipping calculated at checkout

Checkout

 
0