UNKNOWN — Vulnerabilities & Security Advisories 4152

Browse all 4152 CVE security advisories affecting UNKNOWN. AI-powered Chinese analysis, POCs, and references for each vulnerability.

“Unknown” represents a broad category of unclassified or poorly documented software components, currently associated with 4,141 recorded CVEs. These vulnerabilities typically stem from legacy architectures or proprietary systems lacking transparent security audits. Common flaw classes include remote code execution, cross-site scripting, and privilege escalation, often resulting from inadequate input validation or hardcoded credentials. Due to the opaque nature of these products, detailed security characteristics are frequently absent, making risk assessment difficult for organizations. Major incidents involving “Unknown” entities often highlight systemic failures in patch management and vendor accountability. The sheer volume of vulnerabilities suggests widespread reliance on unsupported or obscure technologies within critical infrastructure. Addressing these risks requires rigorous inventory management and proactive threat hunting, as standard mitigation strategies may not apply to such undefined software ecosystems.

CVE ID	Title	CVSS	Severity	Published
CVE-2021-25019	SEO Plugin by Squirrly SEO < 11.1.12 - Reflected Cross-Site Scripting — SEO Plugin by Squirrly SEOCWE-79	6.1	-	2022-03-21
CVE-2021-24905	Advanced Contact form 7 DB < 1.8.7 - Subscriber+ Arbitrary File Deletion — Advanced Contact form 7 DBCWE-863	8.0	-	2022-03-21
CVE-2022-22735	Simple Quotation <= 1.3.2 - Subscriber+ SQL injection — Simple QuotationCWE-89	8.8	-	2022-03-14
CVE-2022-22734	Simple Quotation <= 1.3.2 - Quote Creation/Edition via CSRF to Stored Cross-Site Scripting — Simple Quotation	6.1	-	2022-03-14
CVE-2022-0703	GD Mylist <= 1.1.1 - Admin+ Stored Cross-Site Scripting — GDMylistCWE-79	4.8	-	2022-03-14
CVE-2022-0702	Petfinder Listings <= 1.0.18 - Admin+ Stored Cross-Site Scripting — Petfinder ListingsCWE-79	4.8	-	2022-03-14
CVE-2022-0701	SEO 301 Meta <= 1.9.1 - Admin+ Stored Cross-Site Scripting — Seo 301 MetaCWE-79	4.8	-	2022-03-14
CVE-2022-0700	Simple Theme Options < 1.7 - Admin+ Stored Cross-Site Scripting — Simple TrackingCWE-79	4.8	-	2022-03-14
CVE-2022-0684	WP Home Page Menu < 3.1 - Admin+ Stored Cross-Site Scripting — WP Home Page MenuCWE-79	4.8	-	2022-03-14
CVE-2022-0674	Kunze Law < 2.1 - Admin+ Stored Cross-Site Scripting — Kunze LawCWE-79	4.8	-	2022-03-14
CVE-2022-0659	Sync iCloud COS < 2.0.1 - Admin+ Stored Cross-Site Scripting — Sync QCloud COSCWE-79	4.8	-	2022-03-14
CVE-2022-0658	CommonsBooking < 2.6.8 - Unauthenticated SQL Injection — CommonsBookingCWE-89	9.8	-	2022-03-14
CVE-2022-0648	Team Circle Image Slider With Lightbox < 1.0.16 - Reflected Cross-Site Scripting — Team Circle Image Slider With LightboxCWE-79	6.1	-	2022-03-14
CVE-2022-0601	Countdown & Clock < 2.2.9 - Reflected Cross-Site Scripting — Countdown, Coming Soon, Maintenance – Countdown & ClockCWE-79	6.1	-	2022-03-14
CVE-2022-0593	Login with phone number < 1.3.7 - Unauthenticated remote plugin deletion — Login with phone numberCWE-73	8.2	-	2022-03-14
CVE-2022-0503	Multisite Content Copier/Updater < 2.1.2 - Reflected Cross-Site Scripting — WordPress Multisite Content Copier/UpdaterCWE-79	6.1	-	2022-03-14
CVE-2022-0478	Event Manager for WooCommerce < 3.5.8 - Contributor+ SQL Injection — Event Manager and Tickets Selling Plugin for WooCommerceCWE-89	8.8	-	2022-03-14
CVE-2022-0449	Flexi - Guest Submit < 4.20 - Reflected Cross-Site Scripting — Flexi – Guest SubmitCWE-79	6.1	-	2022-03-14
CVE-2022-0399	Advanced Product Labels for WooCommerce < 1.2.3.7 - Reflected Cross-Site Scripting — Advanced Product Labels for WooCommerceCWE-79	6.1	-	2022-03-14
CVE-2022-0327	Master Addons for Elementor < 1.8.2 - Reflected Cross-Site Scripting — Master Addons for ElementorCWE-79	6.1	-	2022-03-14
CVE-2022-0321	WP Voting Contest < 3.0 - Reflected Cross-Site Scripting — WP Voting ContestCWE-79	6.1	-	2022-03-14
CVE-2022-0254	Zero Spam < 5.2.11 - Admin+ SQL Injection — WordPress Zero SpamCWE-89	7.2	-	2022-03-14
CVE-2022-0248	Contact Form Submissions < 1.7.3 - Unauthenticated Stored XSS — Contact Form SubmissionsCWE-79	6.1	-	2022-03-14
CVE-2022-0230	Better WordPress Google XML Sitemaps <= 1.4.1 - Unauthenticated Stored Cross-Site Scripting — Better WordPress Google XML Sitemaps (support Sitemap Index, Multi-site and Google News)CWE-79	6.1	-	2022-03-14
CVE-2022-0169	Photo Gallery by 10Web < 1.6.0 - Unauthenticated SQL Injection — Photo Gallery by 10Web – Mobile-Friendly Image GalleryCWE-89	9.8	-	2022-03-14
CVE-2022-0165	Page Builder KingComposer <= 2.9.6 - Open Redirect — Page Builder: KingComposer – Free Drag and Drop page builder by King-ThemeCWE-601	6.1	-	2022-03-14
CVE-2022-0161	ARI Fancy Lightbox < 1.3.9 - Reflected Cross-Site Scripting — ARI Fancy Lightbox – WordPress PopupCWE-79	6.1	-	2022-03-14
CVE-2022-0147	Cookie Information < 2.0.8 - Reflected Cross-Site Scripting — Cookie Information \| Free GDPR Consent SolutionCWE-79	6.1	-	2022-03-14
CVE-2021-25026	Patreon WordPress < 1.8.2 - Admin+ Stored Cross-Site Scripting — Patreon WordPressCWE-79	4.8	-	2022-03-14
CVE-2021-25007	MOLIE <= 0.5 - Authenticated SQL Injection — MOLIE – Instructure Canvas Linking toolCWE-89	7.2	-	2022-03-14

This page lists every published CVE security advisory associated with UNKNOWN. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.

Goal Reached Thanks to every supporter — we hit 100%!

UNKNOWN — Vulnerabilities & Security Advisories 4152