Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1310 CNY

100%
Buy Us a Coffee

UNKNOWN — Vulnerabilities & Security Advisories 4152

Browse all 4152 CVE security advisories affecting UNKNOWN. AI-powered Chinese analysis, POCs, and references for each vulnerability.

“Unknown” represents a broad category of unclassified or poorly documented software components, currently associated with 4,141 recorded CVEs. These vulnerabilities typically stem from legacy architectures or proprietary systems lacking transparent security audits. Common flaw classes include remote code execution, cross-site scripting, and privilege escalation, often resulting from inadequate input validation or hardcoded credentials. Due to the opaque nature of these products, detailed security characteristics are frequently absent, making risk assessment difficult for organizations. Major incidents involving “Unknown” entities often highlight systemic failures in patch management and vendor accountability. The sheer volume of vulnerabilities suggests widespread reliance on unsupported or obscure technologies within critical infrastructure. Addressing these risks requires rigorous inventory management and proactive threat hunting, as standard mitigation strategies may not apply to such undefined software ecosystems.

Top products by UNKNOWN: Contest Gallery Download Manager EventON Tutor LMS – eLearning and online course solution Modern Events Calendar Lite AI ChatBot wp-eMember Logo Slider Welcart e-Commerce Elementor Website Builder Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress Photo Gallery by 10Web Booster for WooCommerce Autoptimize Form Maker by 10Web wp-affiliate-platform wp-cart-for-digital-products Yi Technology VikBooking Hotel Booking Engine & PMS Popup box Frontend File Manager Plugin WP MultiTasking Salon booking system Simple Download Monitor Photo Gallery by 10Web – Mobile-Friendly Image Gallery WPQA Builder MapPress Maps for WordPress EventPrime Blog2Social: Social Media Auto Post & Scheduler Ditty
CVE IDTitleCVSSSeverityPublished
CVE-2021-25006 MOLIE <= 0.5 - Reflected Cross-Site Scripting — MOLIE – Instructure Canvas Linking toolCWE-79 6.1 -2022-03-14
CVE-2021-25003 WPCargo < 6.9.0 - Unauthenticated RCE — WPCargo Track & TraceCWE-94 9.8 -2022-03-14
CVE-2021-24996 IDPay for Contact Form 7 <= 2.1.2 - Reflected Cross-Site Scripting — IDPay for Contact Form 7CWE-79 6.1 -2022-03-14
CVE-2021-24995 HTML5 Responsive FAQ <= 2.8.5 - Admin+ Stored Cross-Site Scripting — HTML5 Responsive FAQCWE-79 4.8 -2022-03-14
CVE-2021-24982 Child Theme Generator <= 2.2.7 - Reflected Cross-Site Scripting — Child Theme GeneratorCWE-79 5.4 -2022-03-14
CVE-2021-24966 Error Log Viewer Plugin <= 1.1.1 - Admin+ Arbitrary File Clearing — Error Log Viewer by BestWebSoftCWE-73 4.9 -2022-03-14
CVE-2021-24959 WP Email Users <= 1.7.6 - Subscriber+ SQL Injection — WP Email UsersCWE-89 8.8 -2022-03-14
CVE-2021-24958 Meks Easy Photo Feed Widget < 1.2.4 - Subscriber+ Settings Update to Stored XSS — Meks Easy Photo Feed WidgetCWE-79 5.4 -2022-03-14
CVE-2021-24950 Insight Core <= 1.0 - Subscriber+ PHP Object Injection & Stored XSS — Insight CoreCWE-862 6.3 -2022-03-14
CVE-2021-24940 Persian Woocommerce <= 5.8.0 - Reflected Cross-Site Scripting — ووکامرس فارسیCWE-79 6.1 -2022-03-14
CVE-2021-24897 Add Subtitle <= 1.1.0 - Contributor+ Stored Cross-Site Scripting — Add SubtitleCWE-79 5.4 -2022-03-14
CVE-2021-24895 Cybersoldier < 1.7.0 - Admin+ Stored Cross-Site Scripting — CybersoldierCWE-79 4.8 -2022-03-14
CVE-2021-24692 Simple Download Monitor < 3.9.5 - Contributor+ Arbitrary File Download via Path Traversal — Simple Download MonitorCWE-22 6.5 -2022-03-14
CVE-2022-0535 E2Pdf < 1.16.45 - Admin+ Stored Cross-Site Scripting (XSS) — E2Pdf – Export To Pdf Tool for WordPressCWE-79 4.8 -2022-03-07
CVE-2022-0533 Ditty (formerly Ditty News Ticker) < 3.0.15 - Reflected Cross-Site Scripting (XSS) — Ditty (formerly Ditty News Ticker)CWE-79 6.1 -2022-03-07
CVE-2022-0448 CP Blocks < 1.0.15 - Admin+ Stored Cross-Site Scripting — CP BlocksCWE-79 4.8 -2022-03-07
CVE-2022-0445 WordPress Real Cookie Banner < 2.14.2 - Settings Reset via CSRF — WordPress Real Cookie Banner: GDPR (DSGVO) & ePrivacy Cookie ConsentCWE-352 6.5 -2022-03-07
CVE-2022-0442 UsersWP < 1.2.3.1 - Subscriber+ User Avatar Override — UsersWP – User Registration & User ProfileCWE-639 4.3 -2022-03-07
CVE-2022-0441 MasterStudy LMS < 2.7.6 - Unauthenticated Admin Account Creation — MasterStudy LMS – WordPress LMS PluginCWE-269 9.8 -2022-03-07
CVE-2022-0440 Catch Themes Demo Import < 2.1.1 - Admin+ Remote Code Execution — Catch Themes Demo ImportCWE-434 7.2 -2022-03-07
CVE-2022-0439 Email Subscribers & Newsletters < 5.3.2 - Subscriber+ Blind SQL injection — Email Subscribers & Newsletters 8.0 -2022-03-07
CVE-2022-0434 Page Views Count < 2.4.15 - Unauthenticated SQL Injection — Page View CountCWE-89 9.8 -2022-03-07
CVE-2022-0429 WP Cerber Security, Anti-spam & Malware Scan < 8.9.6 - Unauthenticated Stored Cross-Site Scripting — WP Cerber Security, Anti-spam & Malware ScanCWE-79 6.1 -2022-03-07
CVE-2022-0426 Product Feed PRO for WooCommerce < 11.2.3 - Reflected Cross-Site Scripting — Product Feed PRO for WooCommerceCWE-79 5.4 -2022-03-07
CVE-2022-0422 White Label MS < 2.2.9 - Reflected Cross-Site Scripting — White Label CMSCWE-79 6.1 -2022-03-07
CVE-2022-0420 RegistrationMagic < 5.0.2.2 - Admin+ SQL Injection — RegistrationMagic – Custom Registration Forms, User Registration and User Login PluginCWE-89 7.2 -2022-03-07
CVE-2022-0410 WP Visitor Statistics (Real Time Traffic) < 5.6 - Subscriber+ SQL Injection — WP Visitor Statistics (Real Time Traffic)CWE-89 8.8 -2022-03-07
CVE-2022-0389 WP Time Slots Booking Form < 1.1.63 - Admin+ Stored Cross-Site Scripting — WP Time Slots Booking FormCWE-79 4.8 -2022-03-07
CVE-2022-0384 Video Conferencing with Zoom < 3.8.17 - E-mail Address Disclosure — Video Conferencing with ZoomCWE-200 4.3 -2022-03-07
CVE-2022-0349 NotificationX < 2.3.9 - Unauthenticated Blind SQL Injection — NotificationX – Best FOMO, Social Proof, WooCommerce Sales Popup & Notification Bar Plugin With ElementorCWE-89 9.8 -2022-03-07

This page lists every published CVE security advisory associated with UNKNOWN. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.