Hong Kong Security Alert WordPress OTP Bypass(CVE20258342)
Urgent: Authentication Bypass in “Login with phone number” (
Hong Kong NGO Warns WordPress PPWP Flaw(CVE20255998)
WordPress PPWP plugin < 1.9.11 - Subscriber+ Access Bypass via REST API vulnerability
Hong Kong Security QSM CSRF Template Creation(CVE20256790)
WordPress QSM plugin < 10.2.3 - Template Creation via CSRF vulnerability
Hong Kong Security Warns WooCommerce Tip Manipulation(CVE20256025)
WordPress Order Tip for WooCommerce plugin <= 1.5.4 - Unauthenticated Tip Manipulation to Negative Value Leading to Unauthorized Discounts vulnerability
Hong Kong NGO warns WordPress QSM CSRF(CVE20256790)
WordPress QSM plugin < 10.2.3 - Template Creation via CSRF vulnerability
Hong Kong Security Advisory WordPress Slider SSRF(CVE20258680)
WordPress B Slider - Gutenberg Slider Block for WP plugin <= 2.0.0 - Authenticated (Subscriber+) Server-Side Request Forgery vulnerability
Hong Kong Security NGO alerts WordPress XSS(CVE20253414)
WordPress Structured Content plugin < 1.7.0 - Contributor Stored XSS vulnerability
Hong Kong NGO warns WordPress Shopify XSS(CVE20257808)
WordPress WP Shopify plugin < 1.5.4 - Reflected XSS vulnerability
Here are some options under seven words: – HK Security NGO Alerts Elementor Addons XSS – Hong Kong Security NGO Alerts Elementor XSS – HK Security NGO Warns Elementor XSS(CVE20258451)
WordPress Essential Addons for Elementor plugin <= 6.2.2 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via 'data-gallery-items' vulnerability
Hong Kong Security NGO WordPress Reflected XSS(CVE20258046)
WordPress Injection Guard plugin < 1.2.8 - Reflected XSS via $_SERVER['REQUEST_URI'] vulnerability