সর্বশেষ ওয়ার্ডপ্রেস প্লাগইন দুর্বলতা

2025 10 18ppom for woocommercecve202511691

Critical Unauthenticated SQL Injection in PPOM Plugin//Published on 2025-10-18//CVE-2025-11691

Urgent PPOM for WooCommerce CVE-2025-11691 unauthenticated SQLi patch guidance and mitigations

2025 10 18wp go mapscve202511703

Critical Unauthenticated Cache Poisoning WP Go Maps//Published on 2025-10-18//CVE-2025-11703

Urgent guide to fix WP Go Maps cache poisoning CVE-2025-11703 with patch 9.0.49

2025 10 18wpbakery page buildercve202510006

WPBakery Stored XSS Affects Contributor Accounts//Published on 2025-10-18//CVE-2025-10006

WPBakery stored XSS CVE-2025-10006 patch to 8.7+ and defend with WP-Firewall

2025 10 18learnpresscve202511372

LearnPress Authorization Bypass Risks Database Integrity//Published on 2025-10-18//CVE-2025-11372

LearnPress CVE-2025-11372 unauthenticated DB manipulation fix in 4.2.9.4; urgent remediation steps for WordPress.

2025 10 18gspeech ttscve202510187

Authenticated SQL Injection in GSpeech TTS//Published on 2025-10-18//CVE-2025-10187

GSpeech TTS CVE-2025-10187 authenticated admin SQL injection mitigation and hardening guide

2025 10 18powerbi embed reportscve202510750

Critical Sensitive Data Exposure in PowerBI Plugin//Published on 2025-10-18//CVE-2025-10750

CVE-2025-10750 unauthenticated data exposure in Power BI Embed Reports and WordPress mitigations

2025 10 18event ticketscve202511517

Event Tickets Plugin Unauthenticated Payment Bypass//Published on 2025-10-18//CVE-2025-11517

Urgent WordPress Event Tickets CVE-2025-11517 unauthenticated payment bypass mitigation and patch guidance

2025 10 18theme editorcve20259890

Theme Editor CSRF Enables Remote Code Execution//Published on 2025-10-18//CVE-2025-9890

CSRF to RCE in Theme Editor <=3.0 explained with remediations and WAF guidance.

2025 10 16felan frameworkcve202510849

Felan Framework Authorization Bypass Enables Plugin Activation//Published on 2025-10-16//CVE-2025-10849

Felan Framework CVE-2025-10849 vulnerability and WP-Firewall mitigation guidance and update to 1.1.5

2025 10 15wp google mapcve202511365

Authenticated SQL Injection in WordPress Google Map//Published on 2025-10-15//CVE-2025-11365

Urgent guide to CVE-2025-11365 WP Google Map SQL injection and mitigation steps