HK Security Advisory LH Signing Plugin CSRF(CVE20259633)
WordPress LH Signing plugin <= 2.83 - Cross-Site Request Forgery vulnerability
Stored XSS in AzureCurve BBCode Plugin(CVE20258398)
WordPress azurecurve BBCode plugin <= 2.0.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via url Shortcode vulnerability
Hong Kong Security Alert ThemeLoom Widgets XSS(CVE20259861)
WordPress ThemeLoom Widgets plugin <= 1.8.5 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
HK Security Advisory Certifica Stored XSS(CVE20258316)
WordPress Certifica WP plugin <= 3.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via evento Parameter vulnerability
Hong Kong Security Alert Elementor Addons XSS(CVE20258215)
WordPress Responsive Addons for Elementor plugin <= 1.7.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets vulnerability
Hong Kong Security Advisory CatFolders SQL Injection(CVE20259776)
WordPress CatFolders plugin <= 2.5.2 - Authenticated (Author+) SQL Injection via CSV Import vulnerability
HK Security NGO Alert PagBank PagSeguro SQL(CVE202510142)
WordPress PagBank / PagSeguro Connect plugin <= 4.44.3 - Authenticated (Shop Manager+) SQL Injection vulnerability
Community Security Advisory PeachPay SQL Injection(CVE20259463)
WordPress PeachPay Payments plugin <= 1.117.5 - Authenticated (Contributor+) SQL Injection via order_by Parameter vulnerability
Protect Users from Accessibility Plugin Access Risk(CVE202558976)
WordPress Accessibility Checker by Equalize Digital Plugin <= 1.31.0 - Broken Access Control Vulnerability
Hong Kong Security NGO Warns Welcart XSS Risk(CVE202558984)
WordPress Welcart e-Commerce Plugin <= 2.11.20 - Cross Site Scripting (XSS) Vulnerability