Hong Kong Security Alert WooCommerce Data Exposure(CVE20237320)
WordPress WooCommerce plugin <= 7.8.2 - Sensitive Information Exposure vulnerability
社区警报 WordPress Sync 中的 CSRF 风险 (CVE202511976)
WordPress FuseWP – WordPress 用户同步到电子邮件列表和营销自动化 (Mailchimp, Constant Contact, ActiveCampaign 等) 插件 <= 1.1.23.0 - 跨站请求伪造以同步规则创建漏洞
香港警报 Listeo 存储型 XSS 威胁(CVE20258413)
WordPress Listeo plugin <= 2.0.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via soundcloud Shortcode vulnerability
香港安全警报 GenerateBlocks 选项暴露 (CVE202511879)
WordPress GenerateBlocks plugin <= 2.1.1 - Improper Authorization to Authenticated (Contributor+) Arbitrary Options Disclosure vulnerability
社区建议 PixelYourSite 插件 LFI 风险(CVE202510723)
WordPress PixelYourSite插件 < 11.1.2 - 管理员+ LFI漏洞
香港安全警报 ZoloBlocks 弹出窗口漏洞 (CVE202512134)
WordPress ZoloBlocks 插件 <= 2.3.11 - 缺少对未认证弹出窗口启用/禁用的授权漏洞
香港安全警报 WordPress 模板 CSRF (CVE202512072)
WordPress 为特定模板禁用内容编辑器插件 <= 2.0 - 跨站请求伪造到模板配置更新漏洞
Community Alert WordPress RapidResult SQL Injection(CVE202510748)
WordPress RapidResult plugin <= 1.2 - Authenticated (Contributor+) SQL Injection vulnerability
安全公告 任意订单退款漏洞 (CVE202510570)
WordPress WooCommerce插件的灵活退款和退货订单 <= 1.0.38 - 缺少对已认证(订阅者+)任意订单退款的授权漏洞
Urgent Alert PixelYourSite GDPR Settings Exploited(CVE202510588)
WordPress PixelYourSite plugin <= 11.1.2 – Cross-Site Request Forgery to GDPR Options Modification vulnerability
Chinese (China) 
English 
Chinese (Hong Kong)