Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

UNKNOWN — Vulnerabilities & Security Advisories 4143

Browse all 4143 CVE security advisories affecting UNKNOWN. AI-powered Chinese analysis, POCs, and references for each vulnerability.

“Unknown” represents a broad category of unclassified or poorly documented software components, currently associated with 4,141 recorded CVEs. These vulnerabilities typically stem from legacy architectures or proprietary systems lacking transparent security audits. Common flaw classes include remote code execution, cross-site scripting, and privilege escalation, often resulting from inadequate input validation or hardcoded credentials. Due to the opaque nature of these products, detailed security characteristics are frequently absent, making risk assessment difficult for organizations. Major incidents involving “Unknown” entities often highlight systemic failures in patch management and vendor accountability. The sheer volume of vulnerabilities suggests widespread reliance on unsupported or obscure technologies within critical infrastructure. Addressing these risks requires rigorous inventory management and proactive threat hunting, as standard mitigation strategies may not apply to such undefined software ecosystems.

Top products by UNKNOWN: Contest Gallery Download Manager EventON Tutor LMS – eLearning and online course solution Modern Events Calendar Lite AI ChatBot wp-eMember Logo Slider Welcart e-Commerce Elementor Website Builder Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress Photo Gallery by 10Web Booster for WooCommerce Form Maker by 10Web Yi Technology wp-affiliate-platform wp-cart-for-digital-products Autoptimize Simple Download Monitor MapPress Maps for WordPress Salon booking system VikBooking Hotel Booking Engine & PMS WPQA Builder Frontend File Manager Plugin Photo Gallery by 10Web – Mobile-Friendly Image Gallery EventPrime Popup box WP MultiTasking wpb-show-core Transposh WordPress Translation
CVE IDTitleCVSSSeverityPublished
CVE-2021-24574 Simple Banner < 2.10.4 - Authenticated Stored XSS — Simple BannerCWE-79 4.8 -2021-08-23
CVE-2021-24571 HD Quiz < 1.8.4 - Authenticated Stored XSS — HD QuizCWE-79 5.4 -2021-08-23
CVE-2021-24565 Contact Form 7 Captcha < 0.0.9 - CSRF to Stored XSS — Contact Form 7 CaptchaCWE-79 7.1 -2021-08-23
CVE-2021-24564 WPFront Scroll Top < 2.0.6.07225 - Authenticated Stored XSS — WPFront Scroll TopCWE-79 5.4 -2021-08-23
CVE-2021-24562 LifterLMS < 4.21.2 - Access Other Student Grades/Answers via IDOR — LMS by LifterLMS – Online Course, Membership & Learning Management System Plugin for WordPressCWE-639 7.5 -2021-08-23
CVE-2021-24561 WP SMS < 5.4.13 - Authenticated Stored Cross-Site Scripting — WP SMSCWE-79 5.4 -2021-08-23
CVE-2021-24558 Project Status <= 1.6 - Reflected Cross-Site Scripting (XSS) — Project StatusCWE-79 4.8 -2021-08-23
CVE-2021-24557 M-vSlider <= 2.1.3 - Authenticated (admin+) SQL Injection — M-vSliderCWE-89 7.2 -2021-08-23
CVE-2021-24556 Email Subscriber <= 1.1 - Unauthenticated Stored Cross-Site Scripting (XSS) — Email SubscriberCWE-79 6.1 -2021-08-23
CVE-2021-24554 Paytm - Donation Plugin <= 1.3.2 - Authenticated (admin+) SQL Injection — Paytm – Donation PluginCWE-89 7.2 -2021-08-23
CVE-2021-24555 Diary & Availability Calendar <= 1.0.3 - Authenticated (subscriber+) SQL Injection — Diary & Availability CalendarCWE-89 8.8 -2021-08-23
CVE-2021-24553 Timeline Calendar <= 1.2 - Authenticated (admin+) SQL Injection — Timeline CalendarCWE-89 7.2 -2021-08-23
CVE-2021-24552 Simple Events Calendar <= 1.4.0 - Authenticated (admin+) SQL Injection — Simple Events CalendarCWE-89 7.2 -2021-08-23
CVE-2021-24551 Edit Comments <= 0.3 - Unauthenticated SQL Injection — Edit CommentsCWE-89 7.2 -2021-08-23
CVE-2021-24550 Broken Link Manager <= 0.6.5 - Authenticated (admin+) SQL Injection — Broken Link ManagerCWE-89 7.2 -2021-08-23
CVE-2021-24549 AceIDE <= 2.6.2 - Authenticated (admin+) Arbitrary File Access — AceIDECWE-22 4.9 -2021-08-23
CVE-2021-24547 KN Fix Your Title <= 1.0.1 - Authenticated Stored XSS — KN Fix Your TitleCWE-79 5.4 -2021-08-23
CVE-2021-24533 Maintenance < 4.03 - Authenticated Stored XSS — MaintenanceCWE-79 4.8 -2021-08-23
CVE-2021-24529 Grid Gallery < 1.2.5 - Authenticated Stored Cross Site Scripting (XSS) — Grid Gallery – Photo Image Grid GalleryCWE-79 5.4 -2021-08-23
CVE-2021-24531 Charitable – Donation Plugin < 1.6.51 - Authenticated Stored Cross-Site Scripting (XSS) — Charitable – Donation PluginCWE-79 5.4 -2021-08-23
CVE-2021-24524 GiveWP < 2.12.0 - Authenticated Stored XSS — GiveWP – Donation Plugin and Fundraising PlatformCWE-79 4.8 -2021-08-23
CVE-2021-24506 Slider Hero < 8.2.7 - Contributor+ SQL Injection — Slider Hero with Animation, Video Background & Intro MakerCWE-89 8.8 -2021-08-23
CVE-2021-24497 Giveaway <= 1.2.2 - Authenticated SQL Injection — GiveawayCWE-89 7.2 -2021-08-23
CVE-2021-24486 Simple Social Media Share Buttons < 3.2.3 - Contributor+ Stored XSS — Simple Social Media Share Buttons – Social Sharing for EveryoneCWE-79 5.4 -2021-08-23
CVE-2021-24548 Mimetic Books <= 0.2.13 - Authenticated Stored Cross-Site Scripting (XSS) — Mimetic BooksCWE-79 5.4 -2021-08-16
CVE-2021-24541 Wonder PDF Embed < 1.7 - Contributor+ Stored XSS — Wonder PDF EmbedCWE-79 5.4 -2021-08-16
CVE-2021-24538 Current Book <= 1.0.1 - Authenticated Stored Cross-Site Scripting (XSS) — Current BookCWE-79 5.4 -2021-08-16
CVE-2021-24540 Wonder Video Embed < 1.8 - Contributor+ Stored XSS — Wonder Video EmbedCWE-79 5.4 -2021-08-16
CVE-2021-24536 Custom Login Redirect <= 1.0.0 - CSRF to Stored XSS — Custom Login RedirectCWE-79 6.1 -2021-08-16
CVE-2021-24535 Light Messages <= 1.0 - CSRF to Stored XSS — Light MessagesCWE-79 6.1 -2021-08-16

This page lists every published CVE security advisory associated with UNKNOWN. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.