Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1325 CNY

100%
Buy Us a Coffee

UNKNOWN — Vulnerabilities & Security Advisories 4175

Browse all 4175 CVE security advisories affecting UNKNOWN. AI-powered Chinese analysis, POCs, and references for each vulnerability.

“Unknown” represents a broad category of unclassified or poorly documented software components, currently associated with 4,141 recorded CVEs. These vulnerabilities typically stem from legacy architectures or proprietary systems lacking transparent security audits. Common flaw classes include remote code execution, cross-site scripting, and privilege escalation, often resulting from inadequate input validation or hardcoded credentials. Due to the opaque nature of these products, detailed security characteristics are frequently absent, making risk assessment difficult for organizations. Major incidents involving “Unknown” entities often highlight systemic failures in patch management and vendor accountability. The sheer volume of vulnerabilities suggests widespread reliance on unsupported or obscure technologies within critical infrastructure. Addressing these risks requires rigorous inventory management and proactive threat hunting, as standard mitigation strategies may not apply to such undefined software ecosystems.

Top products by UNKNOWN: Contest Gallery Download Manager Modern Events Calendar Lite Tutor LMS – eLearning and online course solution EventON AI ChatBot wp-eMember Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress Elementor Website Builder Welcart e-Commerce Logo Slider Photo Gallery by 10Web Autoptimize Form Maker by 10Web Yi Technology wp-cart-for-digital-products Booster for WooCommerce wp-affiliate-platform Salon booking system LearnPress WP MultiTasking Photo Gallery by 10Web – Mobile-Friendly Image Gallery MapPress Maps for WordPress EventPrime Simple Download Monitor WPQA Builder Popup box VikBooking Hotel Booking Engine & PMS Frontend File Manager Plugin Blog2Social: Social Media Auto Post & Scheduler
CVE IDTitleCVSSSeverityPublished
CVE-2022-1569 WordPress Forms by Pie Forms < 1.4.9.4 - Admin+ Stored Cross-Site Scripting — Drag & Drop Builder, Human Face Detector, Pre-built Templates, Spam Protection, User Email Notifications & more!CWE-79 4.8 -2022-06-06
CVE-2022-1541 Video Slider - Slider Carousel < 1.4.8 - Admin+ Stored Cross-Site Scripting — Video Slider – Slider CarouselCWE-79 4.8 -2022-06-06
CVE-2022-1506 WP Born Babies <= 1.0 - Contributor+ Stored Cross-Site Scripting — WP BORN BABIES PLUGINCWE-79 5.4 -2022-06-06
CVE-2022-1469 FiboSearch < 1.18.0 - Admin+ Stored Cross-Site Scripting — FiboSearch – Ajax Search for WooCommerceCWE-79 4.8 -2022-06-06
CVE-2022-1424 Ask Me < 6.8.2 - Multiple CSRF in AJAX Actions — Ask meCWE-352 6.5 -2022-06-06
CVE-2022-1422 Discy < 5.2 - Restore Default Settings via CSRF — DiscyCWE-352 6.5 -2022-06-06
CVE-2022-1421 Discy < 5.2 - Settings Update via CSRF — DiscyCWE-352 6.5 -2022-06-06
CVE-2022-1394 Photo Gallery < 1.6.4 - Admin+ Stored Cross-Site Scripting — Photo Gallery by 10Web – Mobile-Friendly Image GalleryCWE-79 4.8 -2022-06-06
CVE-2022-1241 Ask Me < 6.8.2 - Reflected Cross-Site Scripting — Ask meCWE-79 6.1 -2022-06-06
CVE-2022-1005 WP Statistics < 13.2.2 - Reflected Cross-Site Scripting — WP StatisticsCWE-79 6.1 -2022-06-06
CVE-2022-0788 WP Fundraising Donation and Crowdfunding Platform < 1.5.0 - Unauthenticated SQLi — WP Fundraising Donation and Crowdfunding PlatformCWE-89 9.8 -2022-06-06
CVE-2022-0779 User Meta < 2.4.4 - Subscriber+ Local File Enumeration via Path Traversal — User Meta – User Profile Builder and User management pluginCWE-22 6.5 -2022-06-06
CVE-2022-1646 Simple Real Estate Pack <= 1.4.8 - Admin+ Stored Cross Site Scripting — Simple Real Estate PackCWE-79 4.8 -2022-05-30
CVE-2022-1645 Amazon Link <= 3.2.10 - Admin+ Stored Cross-Site Scripting — Amazon LinkCWE-79 4.8 -2022-05-30
CVE-2022-1644 Call&Book Mobile Bar <= 1.2.2 - Admin+ Stored Cross Site Scripting — Call&Book Mobile BarCWE-79 4.8 -2022-05-30
CVE-2022-1643 Birthdays Widget <= 1.7.18 - Admin+ Stored Cross Site Scripting — Birthdays WidgetCWE-79 4.8 -2022-05-30
CVE-2022-1611 Bulk Page Creator < 1.1.4 - Arbitrary Page Creation via CSRF — Bulk Page CreatorCWE-352 8.8 -2022-05-30
CVE-2022-1589 Change wp-admin Login < 1.1.0 - Unauthenticated Arbitrary Settings Update — Change wp-admin login 7.5 -2022-05-30
CVE-2022-1583 External Links in New Window / New Tab < 1.43 - Tabnabbing — External Links in New Window / New TabCWE-1022 6.5 -2022-05-30
CVE-2022-1582 External Links in New Window / New Tab < 1.43 - Unauthenticated Stored Cross-Site Scripting — External Links in New Window / New TabCWE-79 6.1 -2022-05-30
CVE-2022-1568 Team Members < 5.1.1 - Admin+ Stored Cross-Site Scripting — Team MembersCWE-79 4.8 -2022-05-30
CVE-2022-1566 Quotes llama < 1.0.0 - Admin+ Stored Cross-Site Scripting — Quotes llamaCWE-79 4.8 -2022-05-30
CVE-2022-1564 Form Maker By 10Web < 1.14.12 - Admin+ Stored Cross-Site Scripting — Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form BuilderCWE-79 4.8 -2022-05-30
CVE-2022-1562 Enable SVG < 1.4.0 - Author+ Stored Cross Site Scripting via SVG — Enable SVGCWE-79 5.4 -2022-05-30
CVE-2022-1556 StaffList < 3.1.5 - Admin+ SQLi — StaffListCWE-89 9.8 -2022-05-30
CVE-2022-1542 HPB Dashboard <= 1.3.1 - Admin+ Stored Cross Site Scripting — hpb DashboardCWE-79 4.8 -2022-05-30
CVE-2022-1528 VikBooking < 1.5.9 - Reflected Cross-Site Scripting — VikBooking Hotel Booking Engine & PMSCWE-79 6.1 -2022-05-30
CVE-2022-1527 WP 2FA < 2.2.1 - Reflected Cross-Site Scripting — WP 2FA – Two-factor authentication for WordPressCWE-79 6.1 -2022-05-30
CVE-2022-1456 Poll Maker < 4.0.2 - Admin+ Stored Cross-Site Scripting — Poll MakerCWE-79 4.8 -2022-05-30
CVE-2022-1395 Easy FAQ with Expanding Text <= 3.2.8.3.1 - Admin+ Stored Cross-Site Scripting — Easy FAQ with Expanding TextCWE-79 4.8 -2022-05-30

This page lists every published CVE security advisory associated with UNKNOWN. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.