Hong Kong Security Advisory Zip Attachments Deletion(CVE202511692)
WordPress Zip Attachments plugin <= 1.6 - Missing Authorization to Limited File Deletion vulnerability
社区安全警报 Keyy 双因素漏洞 (CVE202510293)
WordPress Keyy 双因素身份验证 (如 Clef) 插件 <= 1.2.3 - 通过账户接管漏洞导致的已验证 (订阅者+) 权限升级
HK Security Advisory WPBakery Cross Site Scripting(CVE202511161)
WordPress WPBakery 页面构建器插件 <= 8.6.1 - 通过 vc_custom_heading 短代码的存储跨站脚本漏洞
香港安全警报 DocoDoco 上传漏洞 (CVE202510754)
WordPress DocoDoco Store Locator 插件 <= 1.0.1 - 经过身份验证的 (Editor+) 任意文件上传漏洞
公民安全咨询主题导入器CSRF风险(CVE202510312)
WordPress主题导入器插件 <= 1.0 - 跨站请求伪造漏洞
HK NGO Warning SSRF in Pz LinkCard(CVE20258594)
WordPress Pz-LinkCard plugin < 2.5.7 - Contributor+ SSRF vulnerability
Hong Kong Security Alert Insecure Image Access(CVE202511176)
WordPress Quick Featured Images plugin <= 13.7.2 - Insecure Direct Object Reference to Image Manipulation vulnerability
安全通知 OwnID 身份验证绕过 (CVE202510294)
WordPress OwnID 无密码登录插件 <= 1.3.4 - 身份验证绕过漏洞
Hong Kong Security Advisory Tariffuxx SQL Injection(CVE202510682)
WordPress TARIFFUXX plugin <= 1.4 - Authenticated (Contributor+) SQL Injection via tariffuxx_configurator Shortcode vulnerability
Hong Kong NGO Alert Zip Attachment Disclosure(CVE202511701)
WordPress Zip Attachments plugin <= 1.6 - Missing Authorization to Unauthenticated Private And Password-Protected Posts Attachment Disclosure vulnerability
Chinese (China) 
English 
Chinese (Hong Kong)