Hong Kong Security Alerts WordPress School IDOR(CVE202549896)
WordPress School Management Plugin <= 93.1.0 - Insecure Direct Object References (IDOR) Vulnerability
(CVE202549898)
WordPress School Management Plugin <= 93.2.0 - SQL Injection Vulnerability
Hong Kong NGO Alerts WordPress Pricing Vulnerability(CVE20257662)
Plugin Name Gestion de tarifs Type of Vulnerability Authenticated SQL Injection CVE Number CVE-2025-7662 Urgency Low CVE Publish…
香港 NGO 报告 Radius Blocks XSS (CVE20255844)
WordPress Radius Blocks 插件 <= 2.2.1 - 经过身份验证的 (贡献者+) 存储型跨站脚本漏洞通过 subHeadingTagName 参数
Hong Kong NGO alerts WordPress BizCalendar LFI(CVE20257650)
WordPress BizCalendar Web plugin <= 1.1.0.50 - Authenticated (Contributor+) Local File Inclusion vulnerability
WordPress EventON Lite Information Disclosure Risk(CVE20258091)
WordPress EventON Lite plugin <= 2.4.6 - Authenticated (Contributor+) Information Disclosure vulnerability
香港安全 WordPress Alobaidi 验证码 XSS (CVE20258080)
WordPress Alobaidi 验证码插件 <= 1.0.3 - 经过身份验证的 (管理员+) 存储型跨站脚本通过插件设置漏洞
WordPress B Slider Exposes Subscriber Data(CVE20258676)
Plugin Name B Slider Type of Vulnerability Authenticated Data Exposure CVE Number CVE-2025-8676 Urgency Low CVE Publish Date…
Hong Kong Security Alert WordPress OTP Bypass(CVE20258342)
Urgent: Authentication Bypass in “Login with phone number” (
香港 NGO 警告 WordPress PPWP 漏洞(CVE20255998)
WordPress PPWP 插件 < 1.9.11 - 通过 REST API 漏洞绕过订阅者+ 访问权限
Chinese (China) 
English 
Chinese (Hong Kong)