WP Security
WWordPress Vulnerability Database

Hong Kong Security WordPress README Parser XSS(CVE20258720)

  • August 16, 2025
WordPress Plugin README Parser plugin <= 1.3.15 - Authenticated (Contributor+) Stored Cross-Site Scripting via target Parameter vulnerability
Read More
WWordPress Vulnerability Database

HK Security Alert WordPress AI Pack Bypass(CVE20257664)

  • August 16, 2025
WordPress Al Pack plugin <= 1.0.2 - Missing Authorization to Unauthenticated Premium Feature Activation via check_activate_permission Function vulnerability
Read More
WWordPress Vulnerability Database

HK Security NGO warns WordPress Surbma XSS(CVE20257649)

  • August 16, 2025
WordPress Surbma | Recent Comments Shortcode plugin <= 2.0 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Read More
WWordPress Vulnerability Database

Hong Kong Security Alert StoryChief Unauthenticated Upload(CVE20257441)

  • August 16, 2025
WordPress StoryChief plugin <= 1.0.42 - Unauthenticated Arbitrary File Upload vulnerability
Read More
WWordPress Vulnerability Database

HK Security Alert Unauthenticated Poll Maker Data(CVE202412575)

  • August 16, 2025
WordPress Poll Maker plugin <= 5.8.9 - Unauthenticated Basic Information Exposure vulnerability
Read More
WWordPress Vulnerability Database

HK Security NGO Warns WordPress Validation Flaw(CVE20257507)

  • August 16, 2025
WordPress elink – Embed Content plugin <= 1.1.0 - Authenticated (Contributor+) Insufficient Input Validation vulnerability
Read More
WWordPress Vulnerability Database

HK NGO Alerts WordPress Earnware Connect XSS(CVE20257651)

  • August 16, 2025
WordPress Earnware Connect plugin <= 1.0.73 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Read More
WWordPress Vulnerability Database

WordPress User Meta CSRF Exposes Stored XSS(CVE20257688)

  • August 16, 2025
WordPress Add User Meta plugin <= 1.0.1 - Cross-Site Request Forgery to Stored Cross-Site Scripting vulnerability
Read More
WWordPress Vulnerability Database

Hong Kong Security Alert WordPress LatestCheckins Flaw(CVE20257683)

  • August 16, 2025
WordPress LatestCheckins plugin <= 1 - Cross-Site Request Forgery to Stored Cross-Site Scripting vulnerability
Read More
WWordPress Vulnerability Database

HK Security NGO Alerts Unauthenticated File Upload(CVE20256679)

  • August 15, 2025
WordPress Bit Form – Contact Form plugin <= 2.20.3 - Unauthenticated Arbitrary File Upload vulnerability
Read More
WP Security
© 2025 WP-Security.org Disclaimer: WP-Security.org is an independent, non-profit NGO community committed to sharing WordPress security news and information. We are not affiliated with WordPress, its parent company, or any related entities. All trademarks are the property of their respective owners.

hi there 👋 Sign up to receive awesome WP-Security Alert and update in your inbox, every week.

We don’t spam! Read our privacy policy for more info.

Check your inbox or spam folder to confirm your subscription.

Review My Order

0

Subtotal

Taxes & shipping calculated at checkout

Checkout

 
0
English
Chinese (Hong Kong) Chinese (China) Spanish Hindi French