WP Security

Browsing Tag

WordPress Security

444 posts
WWordPress Vulnerability Database

Hong Kong Security Alert SSO Data Exposure(CVE202510648)

  • October 15, 2025
WordPress Login with YourMembership - YM SSO Login plugin <= 1.1.7 - Missing Authorization to Unauthenticated Sensitive Information Exposure via 'moym_display_test_attributes' vulnerability
WWordPress Vulnerability Database

Hong Kong Security Notice FunKItools CSRF Vulnerability(CVE202510301)

  • October 15, 2025
WordPress FunKItools plugin <= 1.0.2 - Cross-Site Request Forgery to Settings Update vulnerability
WWordPress Vulnerability Database

Hong Kong Security Advisory WordPress Image Exposure(CVE202511176)

  • October 15, 2025
WordPress Quick Featured Images plugin <= 13.7.2 - Insecure Direct Object Reference to Image Manipulation vulnerability
WWordPress Vulnerability Database

Community Security Alert External Login SQL Injection(CVE202511177)

  • October 15, 2025
WordPress External Login plugin <= 1.11.2 - Unauthenticated SQL Injection via log vulnerability
WWordPress Vulnerability Database

HK Security Advisory Social Login Stored XSS(CVE202510140)

  • October 15, 2025
WordPress Quick Social Login plugin <= 1.4.6 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
WWordPress Vulnerability Database

Hong Kong Cybersecurity Alert onOffice SQL Injection(CVE202510045)

  • October 15, 2025
WordPress onOffice for WP-Websites plugin <= 5.7 - Authenticated (Editor+) SQL Injection vulnerability
WWordPress Vulnerability Database

Hong Kong Advisory TopBar CSRF Vulnerability(CVE202510300)

  • October 15, 2025
WordPress TopBar plugin <= 1.0.0 - Cross-Site Request Forgery to Settings Update vulnerability
WWordPress Vulnerability Database

Community Alert Ova Advent Stored XSS(CVE20258561)

  • October 15, 2025
WordPress Ova Advent plugin <= 1.1.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode vulnerability
WWordPress Vulnerability Database

Hong Kong Security Alert File Deletion Risk(CVE202511692)

  • October 15, 2025
WordPress Zip Attachments plugin <= 1.6 - Missing Authorization to Limited File Deletion vulnerability
WWordPress Vulnerability Database

Community Alert Flex QR Plugin Upload Risk(CVE202510041)

  • October 15, 2025
WordPress Flex QR Code Generator plugin <= 1.2.5 - Unauthenticated Arbitrary File Upload vulnerability
WP Security
© 2025 WP-Security.org Disclaimer: WP-Security.org is an independent, non-profit NGO community committed to sharing WordPress security news and information. We are not affiliated with WordPress, its parent company, or any related entities. All trademarks are the property of their respective owners.

Review My Order

0

Subtotal

Taxes & shipping calculated at checkout

Checkout

 
0