Mesa Reservation Widget 插件中存在严重 XSS 漏洞//发布于 2025-08-23//CVE-2025-48319
WordPress Mesa Reservation Widget 存储型 XSS CVE-2025-48319:检测、遏制和修复。
最新的 WordPress 插件漏洞
Case Theme 用户插件身份验证绕过漏洞//发布于 2025-08-22//CVE-2025-5821
严重漏洞 CVE-2025-5821:WordPress Case Theme User 插件存在社交登录绕过漏洞;请立即更新至 1.0.4 版本。
严重漏洞:Wptobe 成员身份验证文件删除//发布于 2025-08-22//CVE-2025-9048
紧急 WordPress CVE-2025-9048 WPtobe-memberships 订阅者文件删除漏洞缓解措施和事件响应
Critical CSRF in Restore Permanently Delete Plugin//Published on 2025-08-22//CVE-2025-7839
Urgent CSRF flaw in Restore Permanently delete Post or Page Data plugin with mitigations
Authenticated Stored XSS in WS Theme Addons//Published on 2025-08-22//CVE-2025-8062
Authenticated stored XSS in WS Theme Addons ws_weather shortcode with practical mitigations.
Ogulo 360 Tour 中的已认证存储型 XSS 漏洞//发布于 2025-08-22//CVE-2025-9131
Urgent CVE-2025-9131 stored XSS in Ogulo plugin guidance for WordPress site owners
ShortcodeHub Authenticated Stored Cross Site Scripting//Published on 2025-08-22//CVE-2025-7957
Urgent stored XSS in ShortcodeHub up to version 1.7.1 CVE-2025-7957 WordPress
Ni WooCommerce 客户产品报告授权绕过漏洞//发布于 2025-08-22//CVE-2025-7827
CVE-2025-7827: Broken access control in Ni WooCommerce Customer Product Report enables subscriber settings update.
Missing Authorization Allows Contributor Feed Deletion//Published on 2025-08-22//CVE-2025-7828
WP-Firewall advisory on CVE-2025-7828 enabling contributor feed deletions; actionable mitigations
Critical Reflected XSS in WP Talroo Plugin//Published on 2025-08-22//CVE-2025-8281
Explains WP Talroo CVE-2025-8281 reflected XSS and how WP-Firewall protects WordPress sites
简体中文 
English 
香港中文 
繁體中文 
日本語 
Español 
Français 
العربية 
हिन्दी 
বাংলা 
한국어 
Italiano 
Português 
Nederlands 
Tiếng Việt 
Русский 
Polski 
Deutsch 
Dansk