動態顯示貼文中的未經驗證的 SQL 注入漏洞//發佈於 2025-10-15//CVE-2025-11501
WordPress動態顯示文章功能存在緊急安全漏洞 <=1.1 CVE-2025-11501 with WAF guidance
WP-防火墙安全团队
短代碼按鈕插件中的已認證儲存型 XSS 漏洞//發佈於 2025-10-15//CVE-2025-10194
WordPress 短代碼按鈕存儲型 XSS 漏洞 CVE-2025-10194 的解釋及緩解措施和修復方案
Demo Kit 中的認證文件上傳漏洞//發佈於 2025-10-15//CVE-2025-10051
Demo Import Kit 中存在嚴重漏洞 CVE-2025-10051 任意檔案上傳漏洞,並已採取緩解措施。
NEX Forms 中存在嚴重驗證 SQL 注入漏洞//發佈於 2025-10-10//CVE-2025-10185
NEX-Forms CVE-2025-10185 漏洞修補、偵測、緩解和 WAF 加固的必備指南
Everest Backup Plugin Authorization Bypass Exposes Data//Published on 2025-10-10//CVE-2025-11380
Protect WordPress sites from Everest Backup CVE-2025-11380 unauthenticated exposure with patch and WAF
Unauthenticated File Upload in Ovatheme Events Manager//Published on 2025-10-10//CVE-2025-6553
Urgent WordPress vulnerability advisory for Ovatheme Events Manager CVE-2025-6553 unauthenticated file upload patch 1.8.6
Authenticated Admin SQL Injection in NEX Forms//Published on 2025-10-10//CVE-2025-10185
Urgent guide to NEX-Forms CVE-2025-10185: mitigation steps and WP-Firewall protection
Urgent Trinity Audio Unauthenticated Information Exposure//Published on 2025-10-10//CVE-2025-9196
Trinity Audio CVE-2025-9196 unauthenticated data exposure guide for WordPress risk and mitigations
Everest Backup Authorization Flaw Exposes Sensitive Data//Published on 2025-10-10//CVE-2025-11380
Urgent Everest Backup CVE-2025-11380 advisory with patch 2.3.6 and mitigation steps
Privileged SQL Injection in My Auctions Allegro//Published on 2025-10-10//CVE-2025-10048
Remediation guidance for CVE-2025-10048 My Auctions Allegro SQL injection in WordPress
繁體中文 
English 
简体中文 
香港中文 
日本語 
Español 
Français 
العربية 
हिन्दी 
বাংলা 
한국어 
Italiano 
Português 
Nederlands 
Tiếng Việt 
Русский 
Polski 
Deutsch 
Dansk