ZoloBlocks Access Control Vulnerability Community Advisory(CVE202549903)
WordPress ZoloBlocks plugin <= 2.3.11 - Broken Access Control vulnerability
Community Alert Easy Digital Downloads Order Risk(CVE202511271)
WordPress Easy Digital Download plugin <= 3.5.2 - Insufficient Verification to Order Manipulation vulnerability
公共安全咨询 事件日历 SQL 注入(CVE202512197)
WordPress The Events Calendar 插件 6.15.1.1 - 6.15.9 - 通过 s 漏洞进行未经身份验证的 SQL 注入
社区建议 LC Wizard 插件授权缺陷 (CVE20255483)
WordPress LC Wizard 插件 1.2.10 - 1.3.0 - 缺少对未认证用户的权限提升漏洞
香港网络安全警报 IDonate 账户接管 (CVE20254519)
WordPress IDonate plugin 2.1.5 - 2.1.9 - Missing Authorization to Authenticated (Subscriber+) Account Takeover/Privilege Escalation via idonate_donor_password Function vulnerability
香港安全咨询 Gravity Forms 漏洞 (CVE202512352)
WordPress Gravity Forms plugin <= 2.9.20 - Unauthenticated Arbitrary File Upload via 'copy_post_image' vulnerability
Unauthenticated SQL Injection in Events Calendar(CVE202512197)
WordPress The Events Calendar 插件 6.15.1.1 - 6.15.9 - 通过 s 漏洞进行未经身份验证的 SQL 注入
Urgent Community Advisory FunnelKit Email Vulnerability(CVE202512469)
WordPress FunnelKit Automations plugin <= 3.6.4.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Email Sending vulnerability
Hong Kong Security Alert Depicter Slider Vulnerability(CVE202511373)
WordPress Depicter Slider plugin <= 4.0.4 - Missing Authorization to Authenticated (Contributor+) Safe File Type Upload vulnerability
社区警报 WordPress 中未经身份验证的文档访问 (CVE202512384)
WordPress Document Embedder 插件 <= 2.0.0 - 缺少对未经身份验证的文档操作的授权漏洞
Chinese (China) 
English 
Chinese (Hong Kong)