Community Alert FunKItools CSRF Threatens Site Settings(CVE202510301)
WordPress FunKItools plugin <= 1.0.2 - Cross-Site Request Forgery to Settings Update vulnerability
社区安全通知 OwnID 认证绕过 (CVE202510294)
WordPress OwnID 无密码登录插件 <= 1.3.4 - 身份验证绕过漏洞
Security Advisory Oceanpayment Order Status Vulnerability(CVE202511728)
WordPress Oceanpayment CreditCard Gateway plugin <= 6.0 - Missing Authentication to Unauthenticated Order Status Update vulnerability
HK Security Alert External Login SQL Injection(CVE202511177)
WordPress External Login plugin <= 1.11.2 - Unauthenticated SQL Injection via log vulnerability
Hong Kong Cybersecurity Group Warns WPBakery XSS(CVE202511160)
WordPress WPBakery 页面构建器插件 <= 8.6.1 - 通过自定义 JS 模块的存储型跨站脚本攻击漏洞
社区咨询 URLYar 存储 XSS 风险 (CVE202510133)
WordPress URLYar 插件 <= 1.1.0 - 经过身份验证的 (贡献者+) 存储跨站脚本漏洞
香港安全警报 WPBakery 跨站脚本 (CVE202511161)
WordPress WPBakery 页面构建器插件 <= 8.6.1 - 通过 vc_custom_heading 短代码的存储跨站脚本漏洞
Hong Kong Security Alert WordPress SSO Exposure(CVE202510648)
WordPress Login with YourMembership - YM SSO Login plugin <= 1.1.7 - Missing Authorization to Unauthenticated Sensitive Information Exposure via 'moym_display_test_attributes' vulnerability
Community Security Alert Demo Import Kit(CVE202510051)
WordPress Demo Import Kit plugin <= 1.1.0 - Authenticated (Admin+) Arbitrary File Upload vulnerability
Civic 网络安全警报 onOffice SQL 注入 (CVE202510045)
WordPress onOffice for WP-Websites 插件 <= 5.7 - 经过身份验证的 (编辑+) SQL 注入漏洞
Chinese (China) 
English 
Chinese (Hong Kong)