香港安全观察 WordPress CSRF XSS(CVE20257668)
WordPress Linux Promotional Plugin 插件 <= 1.4 - 跨站请求伪造到存储的跨站脚本漏洞
香港咨询认证Anber Elementor XSS(CVE20257440)
WordPress Anber Elementor附加插件 <= 1.0.1 - 认证(贡献者+)通过轮播按钮链接的存储跨站脚本漏洞
WordPress 图标工厂未认证删除漏洞(CVE20257778)
Plugin Name Icons Factory Type of Vulnerability Unauthenticated File Deletion CVE Number CVE-2025-7778 Urgency High CVE Publish Date…
WordPress Lastfm 专辑封面 CSRF 存储型 XSS (CVE20257684)
插件名称 Last.fm 最近专辑封面 漏洞类型 CSRF 和 XSS CVE 编号 CVE-2025-7684 紧急程度 低 CVE…
HK Security Advisory Authenticated WordPress Bokun XSS(CVE20256221)
Plugin Name Embed Bokun Type of Vulnerability Authenticated Stored XSS CVE Number CVE-2025-6221 Urgency Low CVE Publish Date…
Hong Kong Alerts WordPress CSRF To XSS(CVE20257686)
Plugin Name weichuncai(WP伪春菜) Type of Vulnerability Stored XSS CVE Number CVE-2025-7686 Urgency Medium CVE Publish Date 2025-08-15 Source…
Hong Kong Security WordPress README Parser XSS(CVE20258720)
WordPress Plugin README Parser plugin <= 1.3.15 - Authenticated (Contributor+) Stored Cross-Site Scripting via target Parameter vulnerability
香港安全 NGO 警报 NextGEN 目录删除(CVE20257641)
WordPress NextGEN Gallery 插件 <= 1.0.9 - 未经身份验证的任意目录删除漏洞
HK Security Alert WordPress AI Pack Bypass(CVE20257664)
WordPress Al Pack plugin <= 1.0.2 - Missing Authorization to Unauthenticated Premium Feature Activation via check_activate_permission Function vulnerability
HK Security NGO warns WordPress Surbma XSS(CVE20257649)
WordPress Surbma | Recent Comments Shortcode plugin <= 2.0 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Chinese (China) 
English 
Chinese (Hong Kong)