Community Alert Bravis Plugin Account Takeover(CVE20255060)
Plugin Name Bravis User Type of Vulnerability Account takeover vulnerability CVE Number CVE-2025-5060 Urgency High CVE Publish Date…
HK NGO Alert Social Login Authentication Bypass(CVE20255821)
WordPress Case Theme User plugin <= 1.0.3 - Authentication Bypass via Social Login vulnerability
Hong Kong Security Advisory Ogulo 360 XSS(CVE20259131)
Plugin Name Ogulo – 360° Tour Type of Vulnerability Authenticated Stored XSS CVE Number CVE-2025-9131 Urgency Low CVE…
Hong Kong Security Advisory Ni WooCommerce Vulnerability(CVE20257827)
WordPress Ni WooCommerce Customer Product Report plugin <= 1.2.4 - Missing Authorization to Authenticated (Subscriber+) Settings Update vulnerability
Hong Kong Security Alert ShortcodeHub Stored XSS(CVE20257957)
WordPress ShortcodeHub plugin <= 1.7.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via author_link_target Parameter vulnerability
社区警报 WS Addons 中的认证 XSS(CVE20258062)
WordPress WS 主题 Addons 插件 <= 2.0.0 - 认证 (贡献者+) 通过 ws_weather 短代码漏洞存储的跨站脚本攻击
Advisory Cross Site Request Forgery Restore Plugin(CVE20257839)
WordPress Restore Permanently delete Post or Page Data plugin <= 1.0 - Cross-Site Request Forgery vulnerability
Hong Kong Security Alert WordPress Feed Deletion(CVE20257828)
WordPress WP Filter & Combine RSS Feeds plugin <= 0.4 - Missing Authorization to Authenticated (Contributor+) Feed Deletion vulnerability
Hong Kong Security Advisory Talroo Plugin XSS(CVE20258281)
WordPress WP Talroo plugin <= 2.4 - Reflected XSS vulnerability
香港安全警报Silencesoft RSS CSRF(CVE20257842)
WordPress Silencesoft RSS Reader 插件 <= 0.6 - 跨站请求伪造导致 RSS Feed 删除的漏洞
Chinese (China) 
English 
Chinese (Hong Kong)