香港 NGO 警告 Trafft 预订 XSS(CVE202558213)
WordPress 预订系统 Trafft 插件 <= 1.0.14 - 跨站脚本 (XSS) 漏洞
AfterShip Plugin Broken Access Control Advisory(CVE202558201)
WordPress AfterShip Tracking Plugin <= 1.17.17 - Broken Access Control Vulnerability
社区通知 简单页面访问中的 CSRF (CVE202558202)
WordPress 简单页面访问限制插件 <= 1.0.32 - 跨站请求伪造 (CSRF) 漏洞
Security Advisory WpEvently PHP Object Injection(CVE202554742)
WordPress WpEvently Plugin <= 4.4.8 - PHP Object Injection Vulnerability
公共咨询 Printeers 打印运输目录遍历 (CVE202548081)
WordPress Printeers Print & Ship插件 <= 1.17.0 - 目录遍历漏洞
香港安全 NGO WordPress 导入 XSS (CVE20258490)
WordPress All-in-One WP Migration and Backup plugin <= 7.97 - Authenticated (Administrator+) Stored Cross-Site Scripting via Import vulnerability
Lazy Load Videos 插件中的存储型 XSS (CVE20257732)
WordPress Lazy Load for Videos plugin <= 2.18.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via data-video-title and href Attributes vulnerability
Hong Kong Security Dokan Pro Privilege Escalation(CVE20255931)
WordPress Dokan Pro plugin <= 4.0.5 - Authenticated (Vendor+) Privilege Escalation vulnerability
Community Security Advisory SiteSEO Stored XSS(CVE20259277)
WordPress SiteSEO plugin <= 1.2.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Broken Regex Expression vulnerability
Hong Kong Security Advisory Shortcode Path Traversal(CVE20258562)
Urgent: Directory Traversal in ‘Custom Query Shortcode’ (≤ 0.4.0) — What WordPress Site Owners Need to Know and…
Chinese (China) 
English 
Chinese (Hong Kong)