Community Alert Cloudflare Image Resizing Exploit(CVE20258723)
WordPress Cloudflare Image Resizing plugin <= 1.5.6 - Missing Authentication to Unauthenticated Remote Code Execution via rest_pre_dispatch Hook vulnerability
Hong Kong Security Advisory Flexible Maps XSS(CVE20258622)
WordPress Flexible Maps plugin <= 1.18.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Flexible Maps Shortcode vulnerability
香港安全警报 Real Spaces 升级 (CVE20258218)
WordPress Real Spaces - WordPress Properties Directory Theme 插件 <= 3.5 - 通过 'change_role_member' 漏洞实现经过身份验证的 (Subscriber+) 权限提升至管理员
Hong Kong Security Alert Media Library Deletion(CVE20258357)
WordPress Media Library Assistant plugin <= 3.27 - Authenticated (Author+) Limited File Deletion vulnerability
社区警报Emmet插件XSS威胁(CVE202549894)
WordPress WP Emmet plugin <= 0.3.4 - Cross Site Scripting (XSS) vulnerability
香港安全通知 Elizaibots XSS 漏洞 (CVE202549893)
WordPress Elizaibots plugin <= 1.0.2 - Cross Site Scripting (XSS) vulnerability
香港非政府组织警告WordPress CSRF对象注入(CVE202549895)
WordPress ServerBuddy by PluginBuddy.com plugin <= 1.0.5 - CSRF to PHP Object Injection vulnerability
香港安全 WordPress Profile Builder XSS (CVE20258896)
插件名称 Profile Builder 漏洞类型 存储型 XSS CVE 编号 CVE-2025-8896 紧急程度 中等 CVE 发布日期 2025-08-16…
WordPress BetterDocs 隐私缺陷暴露私人帖子 (CVE20257499)
插件名称 BetterDocs 漏洞类型 破坏访问控制 CVE 编号 CVE-2025-7499 紧急程度 低 CVE 发布日期 2025-08-16…
香港安全 NGO 警报 Soledad LFI (CVE20258142)
WordPress Soledad 插件 <= 8.6.7 - 经过身份验证 (贡献者+) 通过 'header_layout' 漏洞进行本地文件包含
Chinese (China) 
English 
Chinese (Hong Kong)