Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1310 CNY

100%
Buy Us a Coffee

UNKNOWN — Vulnerabilities & Security Advisories 4152

Browse all 4152 CVE security advisories affecting UNKNOWN. AI-powered Chinese analysis, POCs, and references for each vulnerability.

“Unknown” represents a broad category of unclassified or poorly documented software components, currently associated with 4,141 recorded CVEs. These vulnerabilities typically stem from legacy architectures or proprietary systems lacking transparent security audits. Common flaw classes include remote code execution, cross-site scripting, and privilege escalation, often resulting from inadequate input validation or hardcoded credentials. Due to the opaque nature of these products, detailed security characteristics are frequently absent, making risk assessment difficult for organizations. Major incidents involving “Unknown” entities often highlight systemic failures in patch management and vendor accountability. The sheer volume of vulnerabilities suggests widespread reliance on unsupported or obscure technologies within critical infrastructure. Addressing these risks requires rigorous inventory management and proactive threat hunting, as standard mitigation strategies may not apply to such undefined software ecosystems.

Top products by UNKNOWN: Contest Gallery Download Manager EventON Tutor LMS – eLearning and online course solution Modern Events Calendar Lite AI ChatBot wp-eMember Logo Slider Welcart e-Commerce Elementor Website Builder Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress Photo Gallery by 10Web Booster for WooCommerce Autoptimize Form Maker by 10Web wp-affiliate-platform wp-cart-for-digital-products Yi Technology VikBooking Hotel Booking Engine & PMS Popup box Frontend File Manager Plugin WP MultiTasking Salon booking system Simple Download Monitor Photo Gallery by 10Web – Mobile-Friendly Image Gallery WPQA Builder MapPress Maps for WordPress EventPrime Blog2Social: Social Media Auto Post & Scheduler Ditty
CVE IDTitleCVSSSeverityPublished
CVE-2022-4825 WP-ShowHide < 1.05 - Contributor+ Stored XSS via Shortcode — WP-ShowHide 5.4 -2023-02-06
CVE-2022-4384 Stream < 3.9.2 - Subscriber+ Alert Creation — Stream 6.5 -2023-02-06
CVE-2023-0143 Send PDF for Contact Form 7 < 0.9.9.2 - Contributor+ Stored XSS via Shortcode — Send PDF for Contact Form 7 5.4 -2023-02-06
CVE-2022-4717 Strong Testimonials < 3.0.3 - Contributor+ Stored XSS via Shortcode — Strong Testimonials 5.4 -2023-02-06
CVE-2023-0174 WP VR < 8.2.7 - Contributor+ Stored XSS — WP VR 5.4 -2023-02-06
CVE-2022-4756 YouTube Channel < 3.23.0 - Contributor+ Stored XSS via Shortcode — My YouTube Channel 5.4 -2023-02-06
CVE-2022-4664 Logo Slider < 3.6.0 - Contributor+ Stored XSS in Shortcode — Logo Slider 5.4 -2023-02-06
CVE-2023-0070 ResponsiveVoice Text To Speech < 1.7.7 - Contributor+ Stored XSS — ResponsiveVoice Text To Speech 5.4 -2023-02-06
CVE-2023-0154 GamiPress – Vimeo integration < 1.0.9 - Contributor+ Stored XSS — GamiPress 5.4 -2023-02-06
CVE-2022-4824 WP Blog and Widget < 2.3.1 - Contributor+ Stored XSS via Shortcode — WP Blog and Widgets 5.4 -2023-02-06
CVE-2022-4577 Easy Testimonials < 3.9.3 - Contributor+ Stored XSS — Easy Testimonials 5.4 -2023-02-06
CVE-2023-0178 Annual Archive < 1.6.0 - Contributor+ Stored XSS — Annual Archive 5.4 -2023-02-06
CVE-2022-2546 All-in-One WP Migration < 7.63 - Unauthenticated Reflected XSS — All-in-One WP Migration 4.7 -2023-02-02
CVE-2022-4667 RSS Aggregator by Feedzy < 4.1.1 - Contributor+ Stored XSS — RSS Aggregator by Feedzy 5.4 -2023-01-30
CVE-2022-4671 PixCodes < 2.3.7 - Contributor+ Stored XSS in Shortcode — PixCodes 5.4 -2023-01-30
CVE-2022-4763 Icon Widget < 1.3.0 - Contributor+ Stored XSS via Shortcode — Icon Widget 5.4 -2023-01-30
CVE-2022-4470 Widgets for Google Reviews < 9.8 - Contributor+ Stored XSS — Widgets for Google Reviews 5.4 -2023-01-30
CVE-2022-4831 Custom User Profile Fields for User Registration & Member Frontend Profiles with Paid Memberships Pro < 1.8.1 - Contributor+ Stored XSS via Shortcode — Custom User Profile Fields for User Registration & Member Frontend Profiles with Paid Memberships Pro 5.4 -2023-01-30
CVE-2022-4651 Justified Gallery < 1.7.1 - Contributor+ Stored XSS via Shortcode — Justified Gallery 5.4 -2023-01-30
CVE-2023-0033 PDF Viewer < 1.0.0 - Contributor+ Stored XSS via Shortcode — PDF Viewer 5.4 -2023-01-30
CVE-2022-4781 Accordion Shortcodes <= 2.4.2 - Contributor+ Stored XSS via Shortcode — Accordion Shortcodes 5.4 -2023-01-30
CVE-2022-4552 FL3R FeelBox <= 8.1 - Settings Update via CSRF to Stored XSS — FL3R FeelBox 4.7 -2023-01-30
CVE-2022-4765 Portfolio for Elementor, Image Gallery & Post Grid | PowerFolio < 2.3.1 - Contributor+ Stored XSS via Shortcode — Portfolio for Elementor, Image Gallery & Post Grid | PowerFolio 5.4 -2023-01-30
CVE-2022-4749 Posts List Designer by Category < 3.2 - Contributor+ Stored XSS via Shortcode — Posts List Designer by Category 5.4 -2023-01-30
CVE-2022-4837 CPO Companion < 1.1.0 - Contributor+ Stored XSS via Shortcode — CPO Companion 5.4 -2023-01-30
CVE-2023-0097 Post Grid, Post Carousel, & List Category Posts < 2.4.19 - Contributor+ Stored XSS — Post Grid, Post Carousel, & List Category Posts 5.4 -2023-01-30
CVE-2022-4699 MediaElement.js – HTML5 Video & Audio Player <= 4.2.8 - Contributor+ Stored XSS via Shortcode — MediaElement.js 5.4 -2023-01-30
CVE-2023-0074 WP Social Widget < 2.2.4 - Contributor+ Stored XSS — WP Social Widget 5.4 -2023-01-30
CVE-2022-4787 Themify Shortcodes < 2.0.8 - Contributor+ Stored XSS via Shortcode — Themify Shortcodes 5.4 -2023-01-30
CVE-2022-4553 FL3R FeelBox <= 8.1 - Moods Reset via CSRF — FL3R FeelBox 4.3 -2023-01-30

This page lists every published CVE security advisory associated with UNKNOWN. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.