WP Security
WWordPress Vulnerability Database

Hong Kong Security Alert Broken Access Control(CVE20249706)

  • February 2, 2026
Broken Access Control in WordPress Ultimate Coming Soon & Maintenance Plugin
Read More
WWordPress Vulnerability Database

Hong Kong Security Alert PDF Generator Flaw(CVE20249935)

  • February 2, 2026
Arbitrary File Download in WordPress PDF Generator Addon for Elementor Page Builder Plugin
Read More
WWordPress Vulnerability Database

Security Advisory XSS in Simple Popup Plugin(CVE20248547)

  • February 2, 2026
Cross Site Scripting (XSS) in WordPress Simple Popup Plugin
Read More
WWordPress Vulnerability Database

Community Events Plugin SQL Injection Alert(CVE202510586)

  • February 2, 2026
SQL Injection in WordPress Community Events Plugin
Read More
WWordPress Vulnerability Database

Preventing SQL Injection in Featured Image Plugin(CVE202510036)

  • February 2, 2026
SQL Injection in WordPress Featured Image from URL Plugin
Read More
WWordPress Vulnerability Database

Community Security Alert CubeWP Data Exposure(CVE202512129)

  • February 2, 2026
Sensitive Data Exposure in WordPress CubeWP Plugin
Read More
WWordPress Vulnerability Database

Hong Kong Security Alert CSRF in XCloner(CVE202511759)

  • February 2, 2026
Cross Site Request Forgery (CSRF) in WordPress XCloner Plugin
Read More
WWordPress Vulnerability Database

Community Alert CSRF Risk in Image Optimizer(CVE202512190)

  • February 2, 2026
Cross Site Request Forgery (CSRF) in WordPress Image Optimizer by wps.sk Plugin
Read More
WWordPress Vulnerability Database

Hong Kong Security Advisory XSS in Phlox(CVE202512379)

  • February 2, 2026
Cross Site Scripting (XSS) in WordPress Shortcodes and extra features for Phlox theme Plugin
Read More
WWordPress Vulnerability Database

HK Security NGO Alert Webcake Access Flaw(CVE202512165)

  • February 2, 2026
Broken Access Control in WordPress Webcake Plugin
Read More
WP Security
© 2025 WP-Security.org Disclaimer: WP-Security.org is an independent, non-profit NGO community committed to sharing WordPress security news and information. We are not affiliated with WordPress, its parent company, or any related entities. All trademarks are the property of their respective owners.

hi there 👋 Sign up to receive awesome WP-Security Alert and update in your inbox, every week.

We don’t spam! Read our privacy policy for more info.

Check your inbox or spam folder to confirm your subscription.

Review My Order

0

Suggested for you

Subtotal

Taxes & shipping calculated at checkout

Checkout

 
0
English
Chinese (Hong Kong) Chinese (China) Spanish Hindi French