Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1310 CNY

100%
Buy Us a Coffee

UNKNOWN — Vulnerabilities & Security Advisories 4152

Browse all 4152 CVE security advisories affecting UNKNOWN. AI-powered Chinese analysis, POCs, and references for each vulnerability.

“Unknown” represents a broad category of unclassified or poorly documented software components, currently associated with 4,141 recorded CVEs. These vulnerabilities typically stem from legacy architectures or proprietary systems lacking transparent security audits. Common flaw classes include remote code execution, cross-site scripting, and privilege escalation, often resulting from inadequate input validation or hardcoded credentials. Due to the opaque nature of these products, detailed security characteristics are frequently absent, making risk assessment difficult for organizations. Major incidents involving “Unknown” entities often highlight systemic failures in patch management and vendor accountability. The sheer volume of vulnerabilities suggests widespread reliance on unsupported or obscure technologies within critical infrastructure. Addressing these risks requires rigorous inventory management and proactive threat hunting, as standard mitigation strategies may not apply to such undefined software ecosystems.

Top products by UNKNOWN: Contest Gallery Download Manager EventON Tutor LMS – eLearning and online course solution Modern Events Calendar Lite AI ChatBot wp-eMember Logo Slider Welcart e-Commerce Elementor Website Builder Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress Photo Gallery by 10Web Booster for WooCommerce Autoptimize Form Maker by 10Web wp-affiliate-platform wp-cart-for-digital-products Yi Technology VikBooking Hotel Booking Engine & PMS Popup box Frontend File Manager Plugin WP MultiTasking Salon booking system Simple Download Monitor Photo Gallery by 10Web – Mobile-Friendly Image Gallery WPQA Builder MapPress Maps for WordPress EventPrime Blog2Social: Social Media Auto Post & Scheduler Ditty
CVE IDTitleCVSSSeverityPublished
CVE-2022-4680 Revive Old Posts – Social Media Auto Post and Scheduling Plugin < 9.0.11 - PHP Object Injection — Revive Old Posts 7.2 -2023-01-30
CVE-2022-4395 Membership For WooCommerce < 2.1.7 - Unauthenticated Arbitrary File Upload — Membership For WooCommerce 9.8 -2023-01-30
CVE-2022-4792 News & Blog Designer Pack < 3.3 - Contributor+ Stored XSS via Shortcode — News & Blog Designer Pack 5.4 -2023-01-30
CVE-2022-4835 Social Sharing Toolkit <= 2.6 - Contributor+ Stored XSS via Shortcode — Social Sharing Toolkit 5.4 -2023-01-30
CVE-2022-4793 Blog Designer – Post and Widget < 2.4.1 - Contributor+ Stored XSS via Shortcode — Blog Designer 5.4 -2023-01-30
CVE-2022-4834 CPT Bootstrap Carousel <= 1.12 - Contributor+ Stored XSS via Shortcode — CPT Bootstrap Carousel 5.4 -2023-01-30
CVE-2022-4654 Pricing Tables WordPress Plugin – Easy Pricing Tables < 3.2.3 - Contributor+ Stored XSS via Shortcode — Pricing Tables WordPress Plugin 5.4 -2023-01-30
CVE-2022-4649 WP Extended Search < 2.1.2 - Contributor+ Stored XSS via Shortcode — WP Extended Search 5.4 -2023-01-30
CVE-2022-4472 Simple Sitemap < 3.5.8 - Contributor+ Stored XSS — Simple Sitemap 5.4 -2023-01-30
CVE-2022-4872 WooCommerce Chained Products < 2.12.0 - Unauthenticated Arbitrary Options Update to 'no' — Chained Products 4.3 -2023-01-30
CVE-2023-0071 WP Tabs < 2.1.17 - Contributor+ Stored XSS — WP Tabs 5.4 -2023-01-30
CVE-2022-4794 AAWP < 3.12.3 - Unsafe URL Handling — AAWP 7.5 -2023-01-30
CVE-2022-4828 Bold Timeline Lite < 1.1.5 - Contributor+ Stored XSS via Shortcode — Bold Timeline Lite 5.4 -2023-01-30
CVE-2022-4306 Panda Pods Repeater Field < 1.5.4 - Reflected XSS — Panda Pods Repeater Field 5.4 -2023-01-30
CVE-2022-4776 CC Child Pages < 1.43 - Contributor+ Stored XSS via Shortcode — CC Child Pages 5.4 -2023-01-30
CVE-2022-0316 Multiple themes - Unauthenticated Arbitrary File Upload — WeStand 9.8 -2023-01-23
CVE-2022-4775 GeoDirectory < 2.2.22 - Contributor+ Stored XSS via Shortcode — GeoDirectory 5.4 -2023-01-23
CVE-2022-4718 Landing Page Builder < 1.4.9.9 - Contributor+ Cross-Site Scripting via Shortcode — Landing Page Builder 5.4 -2023-01-23
CVE-2021-24837 Passster < 3.5.5.8 - Contributor+ Stored Cross-Site Scripting — Passster 5.4 -2023-01-23
CVE-2022-4542 Compact WP Audio Player < 1.9.8 - Contributor+ Stored XSS — Compact WP Audio Player 5.4 -2023-01-23
CVE-2022-4485 Page-list < 5.3 - Contributor+ Stored XSS — Page-list 5.4 -2023-01-23
CVE-2022-4305 Login as User or Customer < 3.3 - Unauthenticated Privilege Escalation to Admin — Login as User or Customer 9.8 -2023-01-23
CVE-2022-4650 HashBar – WordPress Notification Bar < 1.3.6 - Contributor+ Stored XSS via Shortcode — HashBar 5.4 -2023-01-23
CVE-2022-4715 Structured Content < 1.5.1 - Contributor+ Stored XSS in Shortcode — Structured Content (JSON-LD) #wpsc 5.4 -2023-01-23
CVE-2022-4017 Booster for WooCommerce - Multiple CSRF — Booster for WooCommerce 8.8 -2023-01-23
CVE-2022-4693 User Verification < 1.0.94 - Authentication Bypass — User Verification 9.8 -2023-01-23
CVE-2022-4758 10WebMapBuilder < 1.0.72 - Contributor+ Stored XSS via Shortcode — 10WebMapBuilder 5.4 -2023-01-23
CVE-2022-4467 Search & Filter < 1.2.16 - Contributor+ Stored XSS — Search & Filter 5.4 -2023-01-23
CVE-2022-4627 ShiftNav – Responsive Mobile Menu < 1.7.2 - Contributor+ Stored XSS in Shortcode — ShiftNav 5.4 -2023-01-23
CVE-2022-4303 WP Limit Login Attempts <= 2.6.4 - IP Spoofing — WP Limit Login Attempts 7.5 -2023-01-23

This page lists every published CVE security advisory associated with UNKNOWN. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.