香港安全警报插件 CSRF XSS(CVE20256247)
WordPress WordPress Automatic plugin <= 3.118.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting vulnerability
Community Advisory Vibes Plugin SQL Injection Vulnerability(CVE20259172)
WordPress Vibes plugin <= 2.2.0 - Unauthenticated SQL Injection via `resource` Parameter vulnerability
Community Security Alert CSRF in WordPress Plugin(CVE202548303)
WordPress Post Type Converter plugin <= 0.6 - Cross Site Request Forgery (CSRF) vulnerability
Duoshuo Comment Box CSRF Security Alert(CVE202548318)
WordPress 多说社会化评论框 plugin <= 1.2 - Cross Site Request Forgery (CSRF) to Settings Change vulnerability
社区警报 百度分享按钮存储型 XSS(CVE202548320)
WordPress 百度分享按钮插件 <= 1.0.6 - CSRF导致的存储型 XSS 漏洞
香港安全咨询 Mesa 小部件 XSS (CVE202548319)
WordPress Mesa 预订小部件插件 <= 1.0.0 - 跨站脚本 (XSS) 漏洞
Hong Kong Advisory CSRF Enables Stored XSS(CVE202548321)
WordPress Ultimate twitter profile widget plugin <= 1.0 - CSRF to Stored XSS vulnerability
Community Alert Bravis Plugin Account Takeover(CVE20255060)
Plugin Name Bravis User Type of Vulnerability Account takeover vulnerability CVE Number CVE-2025-5060 Urgency High CVE Publish Date…
HK NGO Alert Social Login Authentication Bypass(CVE20255821)
WordPress Case Theme User plugin <= 1.0.3 - Authentication Bypass via Social Login vulnerability
Hong Kong Security Advisory Ogulo 360 XSS(CVE20259131)
Plugin Name Ogulo – 360° Tour Type of Vulnerability Authenticated Stored XSS CVE Number CVE-2025-9131 Urgency Low CVE…
Chinese (China) 
English 
Chinese (Hong Kong)