Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1310 CNY

100%
Buy Us a Coffee

UNKNOWN — Vulnerabilities & Security Advisories 4169

Browse all 4169 CVE security advisories affecting UNKNOWN. AI-powered Chinese analysis, POCs, and references for each vulnerability.

“Unknown” represents a broad category of unclassified or poorly documented software components, currently associated with 4,141 recorded CVEs. These vulnerabilities typically stem from legacy architectures or proprietary systems lacking transparent security audits. Common flaw classes include remote code execution, cross-site scripting, and privilege escalation, often resulting from inadequate input validation or hardcoded credentials. Due to the opaque nature of these products, detailed security characteristics are frequently absent, making risk assessment difficult for organizations. Major incidents involving “Unknown” entities often highlight systemic failures in patch management and vendor accountability. The sheer volume of vulnerabilities suggests widespread reliance on unsupported or obscure technologies within critical infrastructure. Addressing these risks requires rigorous inventory management and proactive threat hunting, as standard mitigation strategies may not apply to such undefined software ecosystems.

Top products by UNKNOWN: Contest Gallery Download Manager Modern Events Calendar Lite Tutor LMS – eLearning and online course solution EventON wp-eMember AI ChatBot Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress Logo Slider Elementor Website Builder Welcart e-Commerce Form Maker by 10Web wp-cart-for-digital-products Booster for WooCommerce wp-affiliate-platform Photo Gallery by 10Web Autoptimize Yi Technology Salon booking system MapPress Maps for WordPress WPQA Builder Popup box VikBooking Hotel Booking Engine & PMS WP MultiTasking EventPrime Frontend File Manager Plugin Simple Download Monitor Photo Gallery by 10Web – Mobile-Friendly Image Gallery Easy Forms for Mailchimp Newsletter Popup
CVE IDTitleCVSSSeverityPublished
CVE-2022-4166 Contest Gallery < 19.1.5 - Author+ SQL Injection — Contest Gallery 6.5 -2022-12-26
CVE-2022-4158 Contest Gallery < 19.1.5 - Unauthenticated SQL Injection — Contest Gallery 7.5 -2022-12-26
CVE-2022-4165 Contest Gallery < 19.1.5 - Author+ SQL Injection — Contest Gallery 6.5 -2022-12-26
CVE-2022-4197 Sliderby10Web < 1.2.53 - Admin+ Stored XSS — Sliderby10Web 4.8 -2022-12-26
CVE-2022-4243 ImageInject <= 1.17 - Admin+ Stored XSS — ImageInject 4.8 -2022-12-26
CVE-2022-4042 Paytium < 4.3.7 - Admin+ Stored XSS — Paytium: Mollie payment forms & donations 4.8 -2022-12-26
CVE-2022-4155 Contest Gallery < 19.1.5 - Admin+ SQL Injection — Contest Gallery 4.9 -2022-12-26
CVE-2022-4157 Contest Gallery < 19.1.5 - Admin+ SQL Injection — Contest Gallery 4.9 -2022-12-26
CVE-2022-4153 Contest Gallery < 19.1.5.1 - Author+ SQL Injection — Contest Gallery 6.5 -2022-12-26
CVE-2022-4268 Plugin Logic < 1.0.8 - Admin+ SQLi — Plugin Logic 7.2 -2022-12-26
CVE-2022-4161 Contest Gallery < 19.1.5 - Author+ SQL Injection — Contest Gallery 6.5 -2022-12-26
CVE-2022-4050 JoomSport < 5.2.8 - Unauthenticated SQLi — JoomSport 9.8 -2022-12-19
CVE-2022-4106 Wholesale Market for WooCommerce < 1.0.7 - Unauthenticated Arbitrary File Download — Wholesale Market for WooCommerce 7.5 -2022-12-19
CVE-2022-4125 Popup Manager <= 1.6.6 - Unauthenticated Stored XSS — Popup Manager 4.7 -2022-12-19
CVE-2022-4107 SMSA Shipping for WooCommerce < 1.0.5 - Subscriber+ Arbitrary File Download — SMSA Shipping for WooCommerce 5.7 -2022-12-19
CVE-2022-4124 Popup Manager <= 1.6.6 - Unauthenticated Arbitrary Popup Deletion — Popup Manager 4.3 -2022-12-19
CVE-2022-3987 Responsive Lightbox2 < 1.0.4 - Contributor+ Stored XSS — Responsive Lightbox2 5.4 -2022-12-19
CVE-2022-3984 Flowplayer Video Player < 1.0.5 - Contributor+ Stored XSS — Flowplayer Video Player 5.4 -2022-12-19
CVE-2022-4112 Quizlord <= 2.0 - Admin+ Stored XSS — Quizlord 4.8 -2022-12-19
CVE-2022-3961 Directorist < 7.4.4 - Subscriber+ Sensitive Information Disclosure — Directorist 6.5 -2022-12-19
CVE-2022-4108 Wholesale Market for WooCommerce < 1.0.8 - Admin+ Arbitrary File Download — Wholesale Market for WooCommerce 4.9 -2022-12-19
CVE-2022-4058 Photo Gallery < 1.8.3 - Stored XSS via CSRF — Photo Gallery by 10Web 5.4 -2022-12-19
CVE-2022-3983 Checkout for PayPal < 1.0.14 - Contributor+ Stored XSS — Checkout for PayPal 5.4 -2022-12-19
CVE-2022-3937 Easy Video Player < 1.2.2.3 - Contributor+ Stored XSS — Easy Video Player 5.4 -2022-12-19
CVE-2022-4061 JobBoardWP < 1.2.2 - Unauthenticated Arbitrary File Upload — JobBoardWP 9.1 -2022-12-19
CVE-2022-3985 Videojs HTML5 Player < 1.1.9 - Contributor+ Stored XSS — Videojs HTML5 Player 5.4 -2022-12-19
CVE-2022-4024 Pie Register < 3.8.1.3 - Unauthenticated Arbitrary User Deletion — Registration Forms 4.3 -2022-12-19
CVE-2022-3832 External Media < 1.0.36 - Admin+ Stored XSS — External Media 4.8 -2022-12-19
CVE-2022-3986 WP Stripe Checkout < 1.2.2.21 - Contributor+ Stored XSS — WP Stripe Checkout 5.4 -2022-12-19
CVE-2022-4063 InPost Gallery < 2.1.4.1 - Unauthenticated LFI to RCE — InPost Gallery 9.8 -2022-12-19

This page lists every published CVE security advisory associated with UNKNOWN. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.