WP Security
WWordPress Vulnerability Database

HK Security Bulletin WordPress Coupon Affiliates Vulnerability(CVE202554025)

  • August 8, 2025
WordPress Coupon Affiliates Plugin <= 6.4.0 - Settings Change Vulnerability
Read More
WWordPress Vulnerability Database

Hong Kong Security Advisory WordPress Path Traversal(CVE202553561)

  • August 8, 2025
WordPress Prevent files / folders access Plugin <= 2.6.0 - Path Traversal Vulnerability
Read More
WWordPress Vulnerability Database

Here are concise options under 8 words with a Hong Kong security NGO tone: – Hong Kong Security Advisory WordPress Xinterio LFI – WordPress Xinterio LFI Risk Hong Kong Security – Hong Kong Security Alert Xinterio LFI – Xinterio WordPress LFI Advisory Hong Kong Which would you prefer or should I tailor the tone further?(CVE202554690)

  • August 8, 2025
WordPress Xinterio Theme <= 4.2 - Local File Inclusion Vulnerability
Read More
WWordPress Vulnerability Database

Hong Kong WordPress Urna Theme LFI Alert(CVE202554689)

  • August 8, 2025
WordPress Urna Theme <= 2.5.7 - Local File Inclusion Vulnerability
Read More
WWordPress Vulnerability Database

Protecting WordPress from XSS Vulnerabilities(CVE202549061)

  • August 8, 2025
Critical Vulnerability Alert: Cross-Site Scripting in Popular WordPress Plugin ‘Porn Videos Embed’ (Versions ≤ 0.9.1) Critical Vulnerability Alert:…
Read More
WWordPress Vulnerability Database

Critical WordPress XSS Vulnerability in Cost Calculator Plugin(CVE202554046)

  • August 8, 2025
WordPress Cost Calculator Plugin <= 7.4 - Cross Site Scripting (XSS) Vulnerability
Read More
WWordPress Vulnerability Database

Enhancing WordPress Security Against Countdown Exploits(CVE202575498)

  • August 6, 2025
WordPress Exclusive Addons for Elementor plugin <= 2.7.9.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown vulnerability
Read More
WWordPress Vulnerability Database

Critical Vulnerability in WooCommerce Multiple File Upload(CVE20254403)

  • August 6, 2025
WordPress Drag and Drop Multiple File Upload for WooCommerce plugin <= 1.1.6 - Unauthenticated Arbitrary File Upload via upload Function vulnerability
Read More
WWordPress Vulnerability Database

WordPress Booking Ultra Pro Plugin <1.1.4 - Cross-Site Scripting (XSS) vulnerability

  • May 7, 2023
The WordPress Booking Ultra Pro Plugin (v1.1.4 or earlier) has an unfixed high-severity XSS vulnerability, allowing malicious script injection. Other known vulnerabilities include CSRF issues.
Read More
SSecurity Foundations

How API Abuse Has Been the Leading Cause of Data Breaches

  • February 20, 2023
For good reason, API Abuse has recently become a significant topic among security professionals. Large-scale data breaches have occurred in the previous two years as a result of APIs being abused and misused in some way.
Read More
WP Security
© 2025 WP-Security.org Disclaimer: WP-Security.org is an independent, non-profit NGO community committed to sharing WordPress security news and information. We are not affiliated with WordPress, its parent company, or any related entities. All trademarks are the property of their respective owners.

hi there 👋 Sign up to receive awesome WP-Security Alert and update in your inbox, every week.

We don’t spam! Read our privacy policy for more info.

Check your inbox or spam folder to confirm your subscription.

Review My Order

0

Subtotal

Taxes & shipping calculated at checkout

Checkout

 
0