香港安全头像迁移授权缺陷(CVE20258482)
WordPress Simple Local Avatars plugin <= 2.8.4 - Missing Authorization to Authenticated (Subscriber+) Avatar Migration vulnerability
香港安全 WordPress 股票报价 XSS(CVE20258688)
WordPress Inline Stock Quotes plugin <= 0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via stock Shortcode vulnerability
香港安全 NGO 警告 WordPress XSS(CVE20258685)
WordPress Wp chart generator plugin <= 1.0.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via wpchart Shortcode vulnerability
GMap Venturit Stored XSS Alert for HK(CVE20258568)
WordPress GMap - Venturit plugin <= 1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'h' Parameter vulnerability
在 AnWP 足球联赛中的经过身份验证的 CSV 注入 (CVE20258767)
WordPress AnWP 足球联赛插件 <= 0.16.17 - 经过身份验证的 (管理员+) CSV 注入漏洞
香港 WordPress UiCore 未经授权的文件读取(CVE20256253)
WordPress UiCore Elements插件 <= 1.3.0 - 缺少未经身份验证的任意文件读取授权漏洞
HK Security Alerts Elementor Image Import Flaw(CVE20258081)
WordPress Elementor plugin <= 3.30.2 - Authenticated (Administrator+) Arbitrary File Read via Image Import vulnerability
Hong Kong security NGO flags CBX CSRF(CVE20257965)
WordPress CBX Restaurant Booking plugin <= 1.2.1 - Plugin Reset via CSRF vulnerability
Hong Kong WordPress The7 Stored XSS Alert(CVE20257726)
WordPress The7 plugin <= 12.6.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via title and data-dt-img-description Attributes vulnerability
Hong Kong Security Unauthenticated SQL Injection CleverReach(CVE20257036)
WordPress CleverReach WP plugin <= 1.5.20 - Unauthenticated SQL Injection via title Parameter vulnerability
Chinese (China) 
English 
Chinese (Hong Kong)