Hong Kong Security Notice wpmpdf XSS Risk(CVE202560040)
WordPress wp-mpdf Plugin <= 3.9.1 - Cross Site Scripting (XSS) Vulnerability
Hong Kong Security Alert Vehica CSRF Vulnerability(CVE202560117)
WordPress Vehica Core Plugin <= 1.0.100 - Cross Site Request Forgery (CSRF) Vulnerability
Community Alert XSS in Support Ticket Plugin(CVE202560157)
WordPress WP Ticket Customer Service Software & Support Ticket System Plugin <= 6.0.2 - Cross Site Scripting (XSS) Vulnerability
Hong Kong Security Alert Mega Elements XSS(CVE20258200)
WordPress Mega Elements plugin <= 1.3.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown Timer Widget vulnerability
Hong Kong Security Alert OAuth SSO Vulnerability(CVE202510752)
WordPress OAuth Single Sign On – SSO (OAuth Client) plugin <= 6.26.12 - Cross-Site Request Forgery vulnerability
Hong Kong Security Alert Tiktok Feed XSS(CVE20258906)
WordPress Widgets for Tiktok Feed plugin <= 1.7.3 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Themify Builder Stored Cross Site Scripting Vulnerability(CVE20259353)
WordPress Themify Builder plugin <= 7.6.9 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Community Security Alert WordPress Employee Spotlight XSS(CVE202558915)
WordPress Employee Spotlight plugin <= 5.1.0 - Cross Site Scripting (XSS) vulnerability
Community Security Alert osTicket Bridge CSRF XSS(CVE20259882)
WordPress osTicket WP Bridge plugin <= 1.9.2 - Cross-Site Request Forgery to Stored Cross-Site Scripting vulnerability
Community Security Advisory StoreEngine File Upload Flaw(CVE20259216)
WordPress StoreEngine plugin <= 1.5.0 - Authenticated (Subscriber+) Arbitrary File Upload vulnerability