香港安全咨询 联系管理器 XSS (CVE20258783)
WordPress 联系管理器插件 <= 8.6.5 - 经过身份验证的 (管理员+) 存储型跨站脚本通过 'title' 漏洞
Community Alert ColorMag Demo Importer Vulnerability(CVE20259202)
WordPress ColorMag plugin <= 4.0.19 - Missing Authorization to Authenticated (Subscriber+) ThemeGrill Demo Importer Plugin Installation vulnerability
社区警报已验证的存储型跨站脚本(CVE20258618)
WordPress WPC Smart Quick View for WooCommerce插件 <= 4.2.1 - 已验证的(贡献者+)通过woosq_btn短代码的存储型跨站脚本漏洞
社区建议 联系表单 7 注入风险 (CVE20258145)
WordPress 联系表单 7 的重定向插件 <= 3.2.4 - 未经身份验证的 PHP 对象注入漏洞
社区安全警报 Easy Digital Downloads CSRF (CVE20258102)
WordPress Easy Digital Downloads 插件 <= 3.5.0 - 通过 edd_sendwp_disconnect 和 edd_sendwp_remote_install 函数的插件停用的跨站请求伪造漏洞
Hong Kong Security Advisory FunnelKit Privilege Escalation(CVE20257654)
Urgent: Privilege Escalation in Automation By Autonami (FunnelKit) — What WordPress Site Owners Must Do Now Plugin Name…
Alert Nexter Blocks Stored Cross Site Scripting(CVE20258567)
WordPress Nexter Blocks plugin <= 4.5.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets vulnerability
Hong Kong NGO alerts contributors about XSS(CVE20257496)
WordPress WPC Smart Compare for WooCommerce plugin <= 6.4.7 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting vulnerability
Hong Kong Security Advisory FunnelKit Privilege Escalation(CVE20257654)
WordPress FunnelKit plugin <= 3.11.0.2 - Privilege Escalation vulnerability
Community Advisory Real Spaces Administrator Escalation(CVE20256758)
WordPress Real Spaces - WordPress Properties Directory Theme plugin <= 3.6 - Unauthenticated Privilege Escalation to Administrator via 'imic_agent_register' vulnerability
Chinese (China) 
English 
Chinese (Hong Kong)