Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1310 CNY

100%
Buy Us a Coffee

UNKNOWN — Vulnerabilities & Security Advisories 4169

Browse all 4169 CVE security advisories affecting UNKNOWN. AI-powered Chinese analysis, POCs, and references for each vulnerability.

“Unknown” represents a broad category of unclassified or poorly documented software components, currently associated with 4,141 recorded CVEs. These vulnerabilities typically stem from legacy architectures or proprietary systems lacking transparent security audits. Common flaw classes include remote code execution, cross-site scripting, and privilege escalation, often resulting from inadequate input validation or hardcoded credentials. Due to the opaque nature of these products, detailed security characteristics are frequently absent, making risk assessment difficult for organizations. Major incidents involving “Unknown” entities often highlight systemic failures in patch management and vendor accountability. The sheer volume of vulnerabilities suggests widespread reliance on unsupported or obscure technologies within critical infrastructure. Addressing these risks requires rigorous inventory management and proactive threat hunting, as standard mitigation strategies may not apply to such undefined software ecosystems.

Top products by UNKNOWN: Contest Gallery Download Manager Modern Events Calendar Lite Tutor LMS – eLearning and online course solution EventON wp-eMember AI ChatBot Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress Logo Slider Elementor Website Builder Welcart e-Commerce Form Maker by 10Web wp-cart-for-digital-products Booster for WooCommerce wp-affiliate-platform Photo Gallery by 10Web Autoptimize Yi Technology Salon booking system MapPress Maps for WordPress WPQA Builder Popup box VikBooking Hotel Booking Engine & PMS WP MultiTasking EventPrime Frontend File Manager Plugin Simple Download Monitor Photo Gallery by 10Web – Mobile-Friendly Image Gallery Easy Forms for Mailchimp Newsletter Popup
CVE IDTitleCVSSSeverityPublished
CVE-2022-2146 Import CSV Files <= 1.0 - Reflected Cross-Site Scripting — Import CSV Files 6.1 -2022-07-17
CVE-2022-2144 Jquery Validation For Contact Form 7 < 5.3 - Arbitrary Options Update via CSRF — Jquery Validation For Contact Form 7CWE-352 4.3 -2022-07-17
CVE-2022-2133 OAuth Single Sign On < 6.22.6 - Authentication Bypass — OAuth Single Sign On – SSO (OAuth Client)CWE-287 5.3 -2022-07-17
CVE-2022-2118 404s < 3.5.1 - Admin+ Stored Cross-Site Scripting — 404sCWE-79 4.8 -2022-07-17
CVE-2022-2114 Data Tables Generator by Supsystic < 1.10.20 - Admin+ Stored Cross-Site Scripting — Data Tables Generator by SupsysticCWE-79 4.8 -2022-07-17
CVE-2022-2100 Page Generator Plugin < 1.6.5 - Admin+ Stored Cross-Site Scripting — Page GeneratorCWE-79 4.8 -2022-07-17
CVE-2022-2099 WooCommerce < 6.6.0 - Admin+ Stored HTML Injection — WooCommerce 5.4 -2022-07-17
CVE-2022-2090 Woo Discount Rules < 2.4.2 - Reflected Cross-Site Scripting — Discount Rules for WooCommerceCWE-79 6.1 -2022-07-17
CVE-2022-1933 CDI < 5.1.9 - Reflected Cross-Site-Scripting — CDI – Collect and Deliver Interface for WoocommerceCWE-79 6.1 -2022-07-17
CVE-2022-1672 Insights from Google PageSpeed < 4.0.7 - Multiple CSRF — Insights from Google PageSpeedCWE-352 8.8 -2022-07-17
CVE-2021-24655 WP User Manager < 2.6.3 - Arbitrary User Password Reset to Account Compromise — WP User Manager – User Profile Builder & MembershipCWE-639 7.5 -2022-07-17
CVE-2022-2123 WP Opt-in <= 1.4.1 - Arbitrary Settings Update via CSRF — WP Opt-inCWE-352 6.5 -2022-07-11
CVE-2022-2093 WP Duplicate Page < 1.3 - Admin+ Stored Cross Site Scripting — WP Duplicate PageCWE-79 4.8 -2022-07-11
CVE-2022-2092 WooCommerce PDF Invoices & Packing Slips < 2.16.0 - Reflected Cross-Site Scripting — WooCommerce PDF Invoices & Packing SlipsCWE-79 6.1 -2022-07-11
CVE-2022-2091 Cache Images < 3.2.1 - Image Upload / Import via CSRF — Cache ImagesCWE-352 6.5 -2022-07-11
CVE-2022-2089 Bold Page Builder < 4.3.3 - Admin+ Stored Cross-Site Scripting — Bold Page BuilderCWE-79 4.8 -2022-07-11
CVE-2022-2050 WP Paginate < 2.1.9 - Admin+ Stored Cross-Site Scripting — WP-PaginateCWE-79 4.8 -2022-07-11
CVE-2022-1957 Comment License < 1.4.0 - Arbitrary Settings Update via CSRF — Comment LicenseCWE-352 4.3 -2022-07-11
CVE-2022-1956 Shortcut Macros <= 1.3 - Subscriber+ Arbitrary Settings Update — Shortcut MacrosCWE-352 4.3 -2022-07-11
CVE-2022-1952 eaSYNC < 1.1.16 - Unauthenticated Arbitrary File Upload — Free Booking Plugin for Hotels, Restaurant and Car Rental – eaSYNCCWE-434 9.8 -2022-07-11
CVE-2022-1951 Core Plugin for Kitestudio Themes < 2.3.1 - Reflected Cross-Site-Scripting — core plugin for kitestudio themesCWE-79 6.1 -2022-07-11
CVE-2022-1938 Awin Data Feed < 1.8 - Unauthenticated Stored Cross-Site Scripting — Awin Data FeedCWE-79 5.4 -2022-07-11
CVE-2022-1937 Awin Data Feed < 1.8 - Reflected Cross-Site Scripting — Awin Data FeedCWE-79 6.1 -2022-07-11
CVE-2022-1910 Shortcodes and extra features for Phlox theme < 2.9.8 - Reflected Cross-Site-Scripting — Shortcodes and extra features for Phlox themeCWE-79 6.1 -2022-07-11
CVE-2022-1894 Popup Builder < 4.1.11 - Admin+ Stored Cross-Site Scripting — Popup Builder – Create highly converting, mobile friendly marketing popups.CWE-79 4.8 -2022-07-11
CVE-2022-1757 Pagebar < 2.70 - Arbitrary Settings Update via CSRF to Stored XSS — pagebarCWE-352 5.4 -2022-07-11
CVE-2022-1732 Rename wp-login.php <= 2.6.0 - Secret URL Update via CSRF — Rename wp-login.phpCWE-352 6.5 -2022-07-11
CVE-2022-1626 Sharebar <= 1.4.1 - Arbitrary Settings Update to Stored XSS via CSRF — SharebarCWE-352 4.6 -2022-07-11
CVE-2022-1599 Admin Management Xtended < 2.4.5 - Post Visibility/Date/Comment Status Update via CSRF — Admin Management XtendedCWE-352 6.5 -2022-07-11
CVE-2022-1576 WP Maintenance Mode & Coming Soon < 2.4.5 - Subscribed Users Deletion via CSRF — WP Maintenance Mode & Coming SoonCWE-352 6.5 -2022-07-11

This page lists every published CVE security advisory associated with UNKNOWN. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.