社區警報簡易下載監控 SQL 注入(CVE20258977)
WordPress 簡易下載監控插件 <= 3.9.33 – 已驗證 (貢獻者+) 通過日誌導出功能中的訂單參數 SQL 注入漏洞
香港安全建議 WooCommerce 儲存型 XSS(CVE20258073)
WordPress 動態 AJAX 產品過濾器 WooCommerce 插件 <= 1.3.7 - 經過身份驗證 (貢獻者+) 的儲存型跨站腳本漏洞,通過名稱參數
Xagio SEO Backup Files Expose Sensitive Data(CVE202413807)
WordPress Xagio SEO plugin <= 7.1.0.5 - Unauthenticated Sensitive Information Exposure via Unprotected Back-Up Files vulnerability
Hong Kong Advisory Ajax Search Lite Exposure(CVE20257956)
WordPress Ajax Search Lite plugin <= 4.13.1 - Missing Authorization to Unauthenticated Basic Information Exposure via ASL_Query in AJAX Search Handler vulnerability
Beaver Builder Reflected Cross Site Scripting Vulnerability(CVE20258897)
WordPress Beaver Builder Plugin (Lite Version) plugin <= 2.9.2.1 - Reflected Cross-Site Scripting vulnerability
Community Alert ArcHub Authorization Vulnerability(CVE20250951)
WordPress ArcHub theme <= 1.2.12 - Missing Authorization to Authenticated (Subscriber+) All Plugins Deactivated vulnerability
Community Alert Hub Theme Authorization Weakness(CVE20250951)
WordPress Hub theme <= 5.0.7 - Missing Authorization to Authenticated (Subscriber+) All Plugins Deactivated vulnerability
Urgent Advisory Managefy Plugin Path Traversal(CVE20259345)
WordPress File Manager, Code Editor, and Backup by Managefy plugin <= 1.4.8 - Authenticated (Admin+) Path Traversal to Arbitrary File Download vulnerability
香港安全警報StopBadBots繞過(CVE20259376)
WordPress StopBadBots插件 <= 11.58 - 對未經身份驗證的黑名單繞過漏洞的授權不足
香港安全警報 ULike Pro 風險(CVE20249648)
WordPress WP ULike Pro 插件 <= 1.9.3 - 未經身份驗證的有限任意文件上傳漏洞
Chinese (Hong Kong) 
English 
Chinese (China)