Hong Kong Security Advisory Contact Manager XSS(CVE20258783)
WordPress Contact Manager plugin <= 8.6.5 - Authenticated (Administrator+) Stored Cross-Site Scripting via 'title' vulnerability
Community Alert ColorMag Demo Importer Vulnerability(CVE20259202)
WordPress ColorMag plugin <= 4.0.19 - Missing Authorization to Authenticated (Subscriber+) ThemeGrill Demo Importer Plugin Installation vulnerability
社區警報 認證的存儲型跨站腳本攻擊 (CVE20258618)
WordPress WPC Smart Quick View for WooCommerce 插件 <= 4.2.1 - 通過 woosq_btn 短代碼漏洞的認證 (貢獻者+) 存儲型跨站腳本攻擊
Community Advisory Contact Form 7 Injection Risk(CVE20258145)
WordPress Redirection for Contact Form 7 plugin <= 3.2.4 - Unauthenticated PHP Object Injection vulnerability
社區安全警報 Easy Digital Downloads CSRF (CVE20258102)
WordPress Easy Digital Downloads 外掛 <= 3.5.0 - 跨站請求偽造至外掛停用的 edd_sendwp_disconnect 和 edd_sendwp_remote_install 函數漏洞
香港安全諮詢FunnelKit特權提升(CVE20257654)
Urgent: Privilege Escalation in Automation By Autonami (FunnelKit) — What WordPress Site Owners Must Do Now Plugin Name…
警報 Nexter Blocks 儲存的跨站腳本 (CVE20258567)
WordPress Nexter Blocks 插件 <= 4.5.4 - 經過身份驗證 (貢獻者+) 通過多個小部件的儲存跨站腳本漏洞
Hong Kong NGO alerts contributors about XSS(CVE20257496)
WordPress WPC Smart Compare for WooCommerce plugin <= 6.4.7 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting vulnerability
香港安全諮詢FunnelKit特權提升(CVE20257654)
WordPress FunnelKit插件 <= 3.11.0.2 - 特權提升漏洞
Community Advisory Real Spaces Administrator Escalation(CVE20256758)
WordPress Real Spaces - WordPress Properties Directory Theme plugin <= 3.6 - Unauthenticated Privilege Escalation to Administrator via 'imic_agent_register' vulnerability
Chinese (Hong Kong) 
English 
Chinese (China)