Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

UNKNOWN — Vulnerabilities & Security Advisories 4143

Browse all 4143 CVE security advisories affecting UNKNOWN. AI-powered Chinese analysis, POCs, and references for each vulnerability.

“Unknown” represents a broad category of unclassified or poorly documented software components, currently associated with 4,141 recorded CVEs. These vulnerabilities typically stem from legacy architectures or proprietary systems lacking transparent security audits. Common flaw classes include remote code execution, cross-site scripting, and privilege escalation, often resulting from inadequate input validation or hardcoded credentials. Due to the opaque nature of these products, detailed security characteristics are frequently absent, making risk assessment difficult for organizations. Major incidents involving “Unknown” entities often highlight systemic failures in patch management and vendor accountability. The sheer volume of vulnerabilities suggests widespread reliance on unsupported or obscure technologies within critical infrastructure. Addressing these risks requires rigorous inventory management and proactive threat hunting, as standard mitigation strategies may not apply to such undefined software ecosystems.

Top products by UNKNOWN: Contest Gallery Download Manager EventON Tutor LMS – eLearning and online course solution Modern Events Calendar Lite AI ChatBot wp-eMember Logo Slider Welcart e-Commerce Elementor Website Builder Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress Photo Gallery by 10Web Booster for WooCommerce Form Maker by 10Web Yi Technology wp-affiliate-platform wp-cart-for-digital-products Autoptimize Simple Download Monitor MapPress Maps for WordPress Salon booking system VikBooking Hotel Booking Engine & PMS WPQA Builder Frontend File Manager Plugin Photo Gallery by 10Web – Mobile-Friendly Image Gallery EventPrime Popup box WP MultiTasking wpb-show-core Transposh WordPress Translation
CVE IDTitleCVSSSeverityPublished
CVE-2023-5525 Limit Login Attempts Reloaded < 2.25.26 - Admin+ Missing Authorization to Toggle Plugin Auto-Update — Limit Login Attempts Reloaded 5.3 -2023-11-27
CVE-2023-5611 Seraphinite Accelerator < 2.20.32 - Unauthorised Settings Reset/Import — Seraphinite Accelerator 5.3 -2023-11-27
CVE-2023-5559 10Web Booster < 2.24.18 - Unauthenticated Arbitrary Option Deletion — 10Web Booster 8.2 -2023-11-27
CVE-2023-2707 Appointment booking addon for Gravity Forms <= 1.9.5.1 - Admin+ Stored XSS — gAppointments 4.8 -2023-11-27
CVE-2023-5942 Medialist < 1.4.1 - Contributor+ Stored XSS — Medialist 5.4 -2023-11-27
CVE-2023-5738 WordPress Backup & Migration < 1.4.5 - Subscriber+ Stored XSS — WordPress Backup & Migration 5.4 -2023-11-27
CVE-2023-5958 POST SMTP Mailer < 2.7.1 - Unauthenticated Cross-site Scripting — POST SMTP Mailer 6.1 -2023-11-27
CVE-2023-4514 Mmm Simple File List <= 2.3 - Contributor+ Stored XSS — Mmm Simple File List 5.4 -2023-11-27
CVE-2023-4922 WPB Show Core <= 2.2 - Unauthenticated Local File Inclusion — wpb-show-core 9.1 -2023-11-27
CVE-2023-5974 WPB Show Core <= 2.2 - Unauthenticated Server Side Request Forgery — wpb-show-core 9.1 -2023-11-27
CVE-2023-5325 Woocommerce Vietnam Checkout < 2.0.6 - Unauthenticated Stored XSS — Woocommerce Vietnam Checkout 6.1 -2023-11-27
CVE-2023-5737 WordPress Backup & Migration < 1.4.4 - Subscriber+ Plugin Settings Update — WordPress Backup & Migration 4.3 -2023-11-27
CVE-2023-5845 Simple Social Buttons < 5.1.1 - Unauthenticated Password Protected Post Access — Simple Social Media Share Buttons 5.3 -2023-11-27
CVE-2023-4297 Mmm Simple File List <= 2.3 - Subscriber+ Arbitrary Directory Listing — Mmm Simple File List 6.5 -2023-11-27
CVE-2023-5604 Asgaros Forum < 2.7.1 - Unauthenticated Arbitrary File Upload — Asgaros Forum 9.8 -2023-11-27
CVE-2023-5239 Security & Malware scan by CleanTalk < 2.121 - IP Spoofing — Security & Malware scan by CleanTalk 7.5 -2023-11-27
CVE-2023-5653 WassUp Real Time Analytics <= 1.9.4.5 - Unauthenticated Stored XSS — WassUp Real Time Analytics 6.1 -2023-11-27
CVE-2023-5560 WP-UserOnline < 2.88.3 - Unauthenticated Stored XSS — WP-UserOnline 6.1 -2023-11-27
CVE-2023-4252 EventPrime <= 3.2.9 - Booking Pricing Bypass — EventPrime 5.3 -2023-11-27
CVE-2023-4642 kk Star Ratings < 5.4.6 - Rating Tampering via Race Condition — kk Star Ratings 5.3 -2023-11-27
CVE-2023-5209 Bookly < 22.5 - Admin+ Stored XSS — WordPress Online Booking and Scheduling Plugin 4.8 -2023-11-27
CVE-2023-5906 Job Manager & Career < 1.4.4 - Directory listing to Sensitive Data Exposure — Job Manager & Career 7.5 -2023-11-27
CVE-2023-5343 Popup Box < 3.7.9 - Admin+ Stored XSS — Popup box 4.8AIMediumAI2023-11-20
CVE-2023-5640 Article Analytics <= 1.0 - Unauthenticated SQL injection — Article analytics 9.8AICriticalAI2023-11-20
CVE-2023-5119 Forminator and Forminator Pro < 1.27.0 - Admin+ Stored Cross-Site Scripting — Forminator 4.8AIMediumAI2023-11-20
CVE-2023-5610 Seraphinite Accelerator < 2.20.29 - Authenticated Arbitrary Redirect — Seraphinite Accelerator 6.1AIMediumAI2023-11-20
CVE-2023-5509 myStickymenu < 2.6.5 - Subscriber+ Arbitrary Form Leads Deletion — Floating Notification Bar, Sticky Menu on Scroll, Announcement Banner, and Sticky Header for Any Theme 8.8AIHighAI2023-11-20
CVE-2023-5651 WP Hotel Booking < 2.0.8 - Subscriber+ Arbitrary Post Deletion — WP Hotel Booking 6.5AIMediumAI2023-11-20
CVE-2023-5799 WP Hotel Booking < 2.0.9 - Contributor+ Arbitrary Post Deletion — WP Hotel Booking 6.5AIMediumAI2023-11-20
CVE-2023-5609 Seraphinite Accelerator < 2.20.29 - Reflected XSS — Seraphinite Accelerator 6.1AIMediumAI2023-11-20

This page lists every published CVE security advisory associated with UNKNOWN. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.