Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

UNKNOWN — Vulnerabilities & Security Advisories 4148

Browse all 4148 CVE security advisories affecting UNKNOWN. AI-powered Chinese analysis, POCs, and references for each vulnerability.

“Unknown” represents a broad category of unclassified or poorly documented software components, currently associated with 4,141 recorded CVEs. These vulnerabilities typically stem from legacy architectures or proprietary systems lacking transparent security audits. Common flaw classes include remote code execution, cross-site scripting, and privilege escalation, often resulting from inadequate input validation or hardcoded credentials. Due to the opaque nature of these products, detailed security characteristics are frequently absent, making risk assessment difficult for organizations. Major incidents involving “Unknown” entities often highlight systemic failures in patch management and vendor accountability. The sheer volume of vulnerabilities suggests widespread reliance on unsupported or obscure technologies within critical infrastructure. Addressing these risks requires rigorous inventory management and proactive threat hunting, as standard mitigation strategies may not apply to such undefined software ecosystems.

Top products by UNKNOWN: Contest Gallery Download Manager EventON Tutor LMS – eLearning and online course solution Modern Events Calendar Lite AI ChatBot wp-eMember Logo Slider Welcart e-Commerce Elementor Website Builder Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress Photo Gallery by 10Web Booster for WooCommerce Autoptimize Form Maker by 10Web wp-affiliate-platform wp-cart-for-digital-products Yi Technology WPQA Builder Simple Download Monitor Salon booking system MapPress Maps for WordPress Photo Gallery by 10Web – Mobile-Friendly Image Gallery Frontend File Manager Plugin Popup box EventPrime VikBooking Hotel Booking Engine & PMS WP MultiTasking GiveWP – Donation Plugin and Fundraising Platform Ditty
CVE IDTitleCVSSSeverityPublished
CVE-2023-1478 Hummingbird < 3.4.2 - Unauthenticated Path Traversal — Hummingbird 9.1 -2023-04-10
CVE-2023-0983 Stylish Cost Calculator Premium < 7.9.0 - Unauthenticated Stored XSS — Stylish Cost Calculator Premium 5.4 -2023-04-10
CVE-2023-0605 Auto Rename Media On Upload < 1.1.0 - Admin+ Stored XSS — Auto Rename Media On Upload 4.8 -2023-04-10
CVE-2023-1425 Groundhogg Contacts < 2.7.9.4 - Admin+ SQLi — WordPress CRM, Email & Marketing Automation for WordPress | Award Winner — Groundhogg 7.2 -2023-04-10
CVE-2023-1426 WP Tiles <= 1.1.2 - Subscriber+ Draft/Private Post Title Disclosure — WP Tiles 6.5 -2023-04-10
CVE-2023-1406 JetEngine < 3.1.3.1 - Author+ Remote Code Execution — JetEngine 9.8 -2023-04-10
CVE-2023-0893 Time Sheets < 1.29.3 - Admin+ Stored XSS — Time Sheets 4.8 -2023-04-10
CVE-2023-1122 Simple Giveaways < 2.45.1 - Editor+ Stored Cross-Site Scripting — Simple Giveaways 4.8 -2023-04-10
CVE-2023-0363 Scheduled Announcements Widget < 1.0 - Contributor+ Stored XSS — Scheduled Announcements Widget 5.4 -2023-04-10
CVE-2023-0399 Image Over Image For WPBakery Page Builder < 3.0 - Contributor+ Stored XSS — Image Over Image For WPBakery Page Builder 5.4 -2023-04-03
CVE-2023-1377 Solidres <= 0.9.4 - Multiple Reflected XSS — Solidres 6.1 -2023-04-03
CVE-2023-1330 Redirection < 1.1.4 - Redirect Creation via CSRF — Redirection 6.5 -2023-04-03
CVE-2023-1124 Shopping Cart & eCommerce Store < 5.4.3 - Admin+ LFI — Shopping Cart & eCommerce Store 7.2 -2023-04-03
CVE-2023-0820 User Role by BestWebSoft < 1.6.7 - Privilege Escalation via CSRF — User Role by BestWebSoft 8.8 -2023-04-03
CVE-2023-0395 menu shortcode <= 1.0 - Contributor+ Stored XSS via Shortcode — menu shortcode 5.4 -2023-03-27
CVE-2023-1087 WC Sales Notification < 1.2.3 - Arbitrary Plugin Activation via CSRF — WC Sales Notification 4.3 -2023-03-27
CVE-2023-0497 HT Portfolio < 1.1.6 - Arbitrary Plugin Activation via CSRF — HT Portfolio 4.3 -2023-03-27
CVE-2023-1025 Simple File List < 6.0.10 - Admin+ Stored XSS — Simple File List 4.8 -2023-03-27
CVE-2023-0272 NEX-Forms < 8.3.3 - Contributor+ Stored XSS — NEX-Forms 5.4 -2023-03-27
CVE-2023-0823 Cookie Notice & Compliance for GDPR / CCPA < 2.4.7 - Contributor+ Stored XSS — Cookie Notice & Compliance for GDPR / CCPA 5.4 -2023-03-27
CVE-2023-0589 WP Image Carousel <= 1.0.2 - Contributor+ Stored XSS — WP Image Carousel 5.4 -2023-03-27
CVE-2023-0336 OoohBoi Steroids for Elementor < 2.1.5 - Subscriber+ Attachment Deletion — OoohBoi Steroids for Elementor 6.5 -2023-03-27
CVE-2023-0496 HT Event < 1.4.6 - Arbitrary Plugin Activation via CSRF — HT Event 4.3 -2023-03-27
CVE-2023-1086 Preview Link Generator < 1.0.4 - Arbitrary Plugin Activation via CSRF — Preview Link Generator 4.3 -2023-03-27
CVE-2023-1069 Complianz - GDPR/CCPA Cookie Consent < 6.4.2 - Contributor+ Stored XSS — Complianz 5.4 -2023-03-27
CVE-2023-0501 WP Insurance < 2.1.4 - Arbitrary Plugin Activation via CSRF — WP Insurance 4.3 -2023-03-27
CVE-2023-0491 Schedulicity - Easy Online Scheduling <= 2.21 - Contributor+ Stored XSS — Schedulicity 5.4 -2023-03-27
CVE-2023-0500 WP Film Studio < 1.3.5 - Arbitrary Plugin Activation via CSRF — WP Film Studio 4.3 -2023-03-27
CVE-2023-0503 Free WooCommerce Theme 99fy Extension < 1.2.8 - Arbitrary Plugin Activation via CSRF — Free WooCommerce Theme 99fy Extension 4.3 -2023-03-27
CVE-2023-0955 WP Statistics < 14.0 - Authenticated SQLi — WP Statistics 8.8 -2023-03-27

This page lists every published CVE security advisory associated with UNKNOWN. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.