UNKNOWN 厂商漏洞列表 / CVE 中文分析 4175

UNKNOWN 厂商相关 4175 条 CVE 漏洞，含 AI 中文分析、POC、CVSS 评分与受影响产品。

“Unknown”并非特定厂商，而是指代身份不明的软件组件或开源项目，其核心用途因具体代码库而异，通常涉及基础功能模块。由于缺乏明确维护主体，该类别历史上常暴露远程代码执行、跨站脚本及身份验证绕过等高危漏洞，主要源于代码审计缺失。截至最新统计已收录4141条CVE，凸显供应链安全风险。建议开发者严格审查第三方依赖，及时更新补丁以防范潜在攻击。

CVE ID	タイトル	CVSS	深刻度	公開日
CVE-2022-1409	VikBooking Hotel Booking Engine & PMS < 1.5.8 - Admin+ PHP File Upload — VikBooking Hotel Booking Engine & PMSCWE-434	7.2	-	2022-05-16
CVE-2022-1408	VikBooking Hotel Booking Engine & PMS < 1.5.8 - Admin+ Stored Cross-Site Scripting — VikBooking Hotel Booking Engine & PMSCWE-79	4.8	-	2022-05-16
CVE-2022-1407	VikBooking Hotel Booking Engine & PMS < 1.5.7 - Stored Cross-Site Scripting via CSRF — VikBooking Hotel Booking Engine & PMSCWE-352	6.5	-	2022-05-16
CVE-2022-1398	External Media without Import <= 1.1.2 - Subscriber+ Blind SSRF — External Media without ImportCWE-918	6.5	-	2022-05-16
CVE-2022-1393	WP Subtitle < 3.4.1 - Contributor+ Stored Cross-Site Scripting — WP SubtitleCWE-79	5.4	-	2022-05-16
CVE-2022-1386	Fusion Builder < 3.6.2 - Unauthenticated SSRF — Fusion BuilderCWE-918	9.1	-	2022-05-16
CVE-2022-1349	WPQA < 5.2 - Subscriber+ Arbitrary Profile Picture Deletion via IDOR — WPQA Builder PluginCWE-287	6.5	-	2022-05-16
CVE-2022-1334	WP YouTube Live < 1.8.3 - Admin+ Stored Cross Site Scripting — WP YouTube LiveCWE-79	4.8	-	2022-05-16
CVE-2022-1267	BMI BMR Calculator <= 1.3 - Reflected Cross-Site Scripting — BMI BMR CalculatorCWE-79	6.1	-	2022-05-16
CVE-2022-1265	BulletProof Security < 6.1 - Admin+ Stored Cross-Site Scripting — BulletProof SecurityCWE-79	4.8	-	2022-05-16
CVE-2022-1217	Custom TinyMCE Shortcode Button <= 1.1 - Reflected Cross-Site Scripting — Custom TinyMCE Shortcode ButtonCWE-79	6.1	-	2022-05-16
CVE-2022-1216	Advanced Image Sitemap <= 1.2 - Reflected Cross-Site Scripting — Advanced Image SitemapCWE-79	6.1	-	2022-05-16
CVE-2022-1182	Visual Slide Box Builder <= 3.2.9 - Subscriber+ SQLi — Visual Slide Box BuilderCWE-89	8.8	-	2022-05-16
CVE-2022-1103	Advanced Uploader <= 4.2 - Subscriber+ Arbitrary File Upload — Advanced uploaderCWE-434	8.8	-	2022-05-16
CVE-2022-1089	Bulk Edit and Create User Profiles < 1.5.14 - Admin+ Stored Cross-Site Scripting — Bulk Edit and Create User Profiles – WP Sheet EditorCWE-79	4.8	-	2022-05-16
CVE-2022-1062	th23 Social <= 1.2.0 - Admin+ Stored Cross-Site Scripting — th23 SocialCWE-79	4.8	-	2022-05-16
CVE-2022-1051	WPQA < 5.2 - Subscriber+ Stored Cross-Site Scripting via Profile fields — WPQA Builder PluginCWE-79	5.4	-	2022-05-16
CVE-2022-0873	Gmedia Photo Gallery < 1.20.0 - Admin+ Stored Cross-Site Scripting — Gmedia Photo GalleryCWE-79	4.8	-	2022-05-16
CVE-2022-0867	ARPrice Lite < 3.6.1 - Unauthenticated SQLi — Pricing Table PluginCWE-89	9.8	-	2022-05-16
CVE-2021-25119	AGIL <= 1.0 - Admin+ Arbitrary File Upload — AGIL(Automatic Grid Image Listing)CWE-434	7.2	-	2022-05-16
CVE-2022-1338	Easily Generate Rest API Url <= 1.0.0 - Admin+ Stored Cross-Site Scripting — Easily Generate Rest API UrlCWE-79	4.8	-	2022-05-09
CVE-2022-1303	Slide Anything < 2.3.44 - Editor+ Stored Cross-Site Scripting — Slide Anything – Responsive Content / HTML Slider and CarouselCWE-79	4.8	-	2022-05-09
CVE-2022-1171	Vertical scroll recent post < 14.0 - Reflected Cross-Site Scripting — Vertical scroll recent postCWE-79	6.1	-	2022-05-09
CVE-2022-1104	Popup Maker < 1.16.5 - Admin+ Stored Cross-Site Scripting — Popup Maker – Popup for opt-ins, lead gen, & moreCWE-79	4.8	-	2022-05-09
CVE-2022-1047	Themify - Post Type Builder Search Addon < 1.4.0 - Reflected Cross-Site Scripting — themify-ptb-searchCWE-79	6.1	-	2022-05-09
CVE-2022-1013	Personal Dictionary < 1.3.4 - Unauthenticated SQLi — Personal DictionaryCWE-89	9.8	-	2022-05-09
CVE-2022-0948	Order Listener for WooCommerce < 3.2.2 - Unauthenticated SQLi — Order Listener for WooCommerce – Play Sounds Instantly on New OrdersCWE-89	9.8	-	2022-05-09
CVE-2022-0898	IgniteUp <= 3.4.1 - Admin+ Stored Cross-Site Scripting — IgniteUp – Coming Soon and Maintenance ModeCWE-79	5.4	-	2022-05-09
CVE-2022-0874	WP Social Buttons <= 2.1 - Admin+ Stored Cross-Site Scripting — WP Social ButtonsCWE-79	4.8	-	2022-05-09
CVE-2022-0836	SEMA API < 4.02 - Unauthenticated SQLi — SEMA APICWE-89	9.8	-	2022-05-09

本页汇总了 UNKNOWN 厂商截至目前公开的全部 4175 条 CVE 漏洞。每条漏洞均包含 CVSS 评分、CWE 弱点分类、受影响产品与参考链接，并附带 AI 生成的中文分析以便快速判断风险。

目標達成 すべての支援者に感謝 — 100%達成しました！

UNKNOWN 厂商漏洞列表 / CVE 中文分析 4175

目標達成すべての支援者に感謝 — 100%達成しました！