香港安全非政府组织警告未经认证的短代码(CVE20258105)
WordPress Soledad plugin <= 8.6.7 - Unauthenticated Arbitrary Shortcode Execution vulnerability
香港非政府组织警告 ProfilePress 短代码漏洞 (CVE20258878)
WordPress ProfilePress 插件 <= 4.16.4 - 未经身份验证的任意短代码执行漏洞
香港安全 NGO 警告 CF7 目录遍历 (CVE20258464)
WordPress 联系表单 7 插件的拖放多文件上传 <= 1.3.9.0 - 通过 `wpcf7_guest_user_id` Cookie 的目录遍历漏洞
香港安全 NGO 警报 WPGYM LFI(CVE20253671)
WordPress WPGYM - WordPress 健身管理系统插件 <= 67.7.0 - 认证用户(订阅者+)本地文件包含到通过密码更新的特权升级漏洞
HK Security NGO Warns WPGYM Admin Flaw(CVE20256080)
WordPress WPGYM plugin <= 67.7.0 - Missing Authorization to Admin Account Creation vulnerability
Hong Kong Security Alert WordPress Calendar XSS(CVE20258293)
WordPress Intl DateTime Calendar plugin <= 1.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via date Parameter vulnerability
Hong Kong Security NGO Warns WordPress SQLi(CVE202412612)
WordPress School Management System for Wordpress plugin <= 93.2.0 - Unauthenticated SQL Injection vulnerability
香港安全观察 WordPress CSRF XSS(CVE20257668)
WordPress Linux Promotional Plugin 插件 <= 1.4 - 跨站请求伪造到存储的跨站脚本漏洞
香港咨询认证Anber Elementor XSS(CVE20257440)
WordPress Anber Elementor附加插件 <= 1.0.1 - 认证(贡献者+)通过轮播按钮链接的存储跨站脚本漏洞
WordPress 图标工厂未认证删除漏洞(CVE20257778)
Plugin Name Icons Factory Type of Vulnerability Unauthenticated File Deletion CVE Number CVE-2025-7778 Urgency High CVE Publish Date…
Chinese (China) 
English 
Chinese (Hong Kong)