Hong Kong Security NGO Warns Welcart XSS Risk(CVE202558984)
WordPress Welcart e-Commerce Plugin <= 2.11.20 - Cross Site Scripting (XSS) Vulnerability
Public Advisory Include Me Plugin XSS Risk(CVE202558983)
WordPress Include Me Plugin <= 1.3.2 - Cross Site Scripting (XSS) Vulnerability
Public Safety Notice Tutor LMS SQL Injection(CVE202558993)
WordPress Tutor LMS Plugin <= 3.7.4 - SQL Injection Vulnerability
Community Alert AutomatorWP Enables Remote Code Execution(CVE20259539)
WordPress AutomatorWP plugin <= 5.3.6 - Missing Authorization To Authenticated (Subscriber+) Remote Code Execution via Automation Creation vulnerability
Doccure Plugin Subscriber File Upload Vulnerability Advisory(CVE20259112)
WordPress Doccure plugin <= 1.4.8 - Authenticated (Subscriber+) Arbitrary File Upload vulnerability
Hong Kong Security Alert Goza Upload Risk(CVE20255394)
WordPress Goza theme <= 3.2.2 - Missing Authorization to Unauthenticated Arbitrary File Upload via Plugin Installation vulnerability
Alert Goza Theme Unauthorised File Deletion Risk(CVE202510134)
WordPress Goza theme <= 3.2.2 - Missing Authorization to Unauthenticated Arbitrary File Deletion vulnerability
Hong Kong Security Advisory Doccure Password Flaw(CVE20259114)
WordPress Doccure plugin <= 1.4.8 - Unauthenticated Arbitrary User Password Change vulnerability
Security Alert Rehub theme exposes protected posts(CVE20257368)
WordPress Rehub theme <= 19.9.7 - Unauthenticated Password Protected Post Disclosure vulnerability
Contributor Stored Cross Site Scripting Vulnerability(CVE20259849)
WordPress Html Social share buttons plugin <= 2.1.16 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability