Hong Kong Security Alert WP Dispatcher Vulnerability(CVE20259212)
WordPress WP Dispatcher plugin <= 1.2.0 - Authenticated (Subscriber+) Arbitrary File Upload vulnerability
Hong Kong Security Advisory Flexi Plugin XSS(CVE20259129)
WordPress Flexi plugin <= 4.28 - Authenticated (Contributor+) Stored Cross-Site Scripting via flexi-form-tag Shortcode vulnerability
Community Alert JoomSport Directory Traversal Vulnerability(CVE20257721)
WordPress JoomSport plugin <= 5.7.3 - Unauthenticated Directory Traversal to Local File Inclusion vulnerability
Hong Kong Security Advisory MPWizard CSRF Risk(CVE20259885)
WordPress MPWizard plugin <= 1.2.1 - Cross-Site Request Forgery to Arbitrary Post Deletion vulnerability
Hong Kong Advisory ZoloBlocks Stored XSS Risk(CVE20259075)
WordPress ZoloBlocks plugin <= 2.3.10 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Alert Managefy Plugin Information Exposure Risk(CVE202510744)
WordPress File Manager, Code editor, backup by Managefy plugin <= 1.6.1 - Unauthenticated Information Exposure vulnerability
Hong Kong Alert CSRF to Stored XSS(CVE20259946)
WordPress LockerPress – WordPress Security Plugin plugin <= 1.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting vulnerability
Community Alert LatePoint Authentication Bypass Risk(CVE20257038)
WordPress LatePoint plugin <= 5.1.94 - Unauthenticated Authentication Bypass via load_step Function vulnerability
Professional Contact Form CSRF Alert(CVE20259944)
WordPress Professional Contact Form plugin <= 1.0.0 - Cross-Site Request Forgery to Test Email Sending vulnerability
Hong Kong Advisory Ninja Forms CSRF Threat(CVE202510499)
WordPress Ninja Forms plugin <= 3.12.0 - Cross-Site Request Forgery to Plugin Settings Update vulnerability
English 
Chinese (Hong Kong) 
Chinese (China)