Oceanpayment Plugin Permits Unauthenticated Order Status Changes(CVE202511728)
WordPress Oceanpayment CreditCard Gateway plugin <= 6.0 - Missing Authentication to Unauthenticated Order Status Update vulnerability
Security Advisory Dynamically Display Posts SQL Injection(CVE202511501)
WordPress Dynamically Display Posts plugin <= 1.1 - Unauthenticated SQL Injection vulnerability
Community Advisory Shortcode Button Stored XSS(CVE202510194)
WordPress Shortcode Button plugin <= 1.1.9 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Community Security Alert Demo Import Kit Vulnerability(CVE202510051)
WordPress Demo Import Kit plugin <= 1.1.0 - Authenticated (Admin+) Arbitrary File Upload vulnerability
Community Alert NEX Forms SQL Injection(CVE202510185)
WordPress NEX-Forms – WordPress插件的终极表单插件 <= 9.1.6 - 经过身份验证的(Admin+)SQL注入漏洞
Community Advisory Ovatheme Events Arbitrary Upload(CVE20256553)
WordPress Ovatheme Events Manager plugin <= 1.8.5 - Unauthenticated Arbitrary File Upload vulnerability
Security Advisory Everest Backup Exposes User Data(CVE202511380)
WordPress Everest Backup plugin <= 2.3.5 - Missing Authorization to Unauthenticated Information Exposure vulnerability
香港安全警报 NEX 表单 SQL 注入(CVE202510185)
WordPress NEX-Forms – WordPress插件的终极表单插件 <= 9.1.6 - 经过身份验证的(Admin+)SQL注入漏洞
Community Alert Trinity Audio Information Exposure(CVE20259196)
WordPress Trinity Audio plugin <= 5.21.0 - Unauthenticated Information Exposure vulnerability
Hong Kong Security Advisory Allegro SQL Injection(CVE202510048)
WordPress My Auctions Allegro Plugin plugin <= 3.6.31 - Authenticated (Admin+) SQL Injection vulnerability
Chinese (China) 
English 
Chinese (Hong Kong)