Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1020 CNY

100%
Buy Us a Coffee

Unknown — Vulnerabilities & Security Advisories 4151

Browse all 4151 CVE security advisories affecting Unknown. AI-powered Chinese analysis, POCs, and references for each vulnerability.

“Unknown” represents a broad category of unclassified or poorly documented software components, currently associated with 4,141 recorded CVEs. These vulnerabilities typically stem from legacy architectures or proprietary systems lacking transparent security audits. Common flaw classes include remote code execution, cross-site scripting, and privilege escalation, often resulting from inadequate input validation or hardcoded credentials. Due to the opaque nature of these products, detailed security characteristics are frequently absent, making risk assessment difficult for organizations. Major incidents involving “Unknown” entities often highlight systemic failures in patch management and vendor accountability. The sheer volume of vulnerabilities suggests widespread reliance on unsupported or obscure technologies within critical infrastructure. Addressing these risks requires rigorous inventory management and proactive threat hunting, as standard mitigation strategies may not apply to such undefined software ecosystems.

Top products by Unknown: Contest Gallery Download Manager Tutor LMS – eLearning and online course solution Modern Events Calendar Lite EventON wp-eMember AI ChatBot Logo Slider Elementor Website Builder Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress Welcart e-Commerce Photo Gallery by 10Web Autoptimize wp-affiliate-platform wp-cart-for-digital-products Form Maker by 10Web Booster for WooCommerce Yi Technology WPQA Builder VikBooking Hotel Booking Engine & PMS Frontend File Manager Plugin EventPrime Popup box WP MultiTasking Salon booking system Photo Gallery by 10Web – Mobile-Friendly Image Gallery Simple Download Monitor MapPress Maps for WordPress wpb-show-core Ninja Forms
CVE IDTitleCVSSSeverityPublished
CVE-2024-13331 WP Dream Carousel <= 1.0.1b - Reflected XSS — WP Dream Carousel 6.1 -2025-02-04
CVE-2024-13327 Musicbox <= 2.0.3 - Reflected XSS — Musicbox 6.1 -2025-02-04
CVE-2024-13329 Solidres <= 0.9.4 - Reflected XSS — Solidres 6.1 -2025-02-04
CVE-2024-13328 Giga Messenger Bots <= 2.3.1 - Reflected XSS — Giga Messenger 6.1 -2025-02-04
CVE-2024-13326 iBuildApp <= 0.2.0 - Reflected XSS — iBuildApp 6.1 -2025-02-04
CVE-2024-13325 Glossy <= 2.3.5 - Reflected XSS — Glossy 6.1 -2025-02-04
CVE-2024-13115 WP Projects Portfolio with Client Testimonials <= 3.0 - Stored XSS via CSRF — WP Projects Portfolio with Client Testimonials 6.1 -2025-02-04
CVE-2024-13114 WP Projects Portfolio with Client Testimonials <= 3.0 - Reflected XSS — WP Projects Portfolio with Client Testimonials 6.1 -2025-02-04
CVE-2024-13347 Essential WP Real Estate <= 1.1.3 - Reflected XSS — Essential WP Real Estate 6.1 -2025-02-03
CVE-2024-13099 Widget4call <= 1.0.7 - Reflected XSS — Widget4Call 6.1 -2025-02-01
CVE-2024-13098 WP Email Newsletter <= 1.1 - Reflected XSS — WordPress Email Newsletter 6.1 -2025-02-01
CVE-2024-13097 WP Finance <= 1.3.6 - Reflected XSS — WP Finance 6.1 -2025-02-01
CVE-2024-13096 WP Finance <= 1.3.6 - Stored XSS via CSRF — WP Finance 6.1 -2025-02-01
CVE-2024-12768 Responsive iframe <= 1.2.0 - Contributor+ Stored XSS — Responsive iframe 5.4 -2025-02-01
CVE-2024-13225 ECT Home Page Products <= 1.9 - Reflected XSS — ECT Home Page Products 6.1 -2025-01-31
CVE-2024-13226 A5 Custom Login Page <= 2.8.1 - Reflected XSS — A5 Custom Login Page 6.1 -2025-01-31
CVE-2024-13221 Fantastic Elasticsearch <= 4.1.0 - Reflected XSS — Fantastic ElasticSearch 6.1 -2025-01-31
CVE-2024-13224 SlideDeck 1 Lite Content Slider <= 1.4.8 - Reflected XSS — SlideDeck 1 Lite Content Slider 6.1 -2025-01-31
CVE-2024-13220 Google Map Professional <= 1.0 - Reflected XSS — WordPress Google Map Professional (Map In Your Language) 6.1 -2025-01-31
CVE-2024-13222 User Messages <= 1.2.4 - Reflected XSS — User Messages 6.1 -2025-01-31
CVE-2024-13223 Tabulate <= 2.10.3 - Reflected XSS — Tabulate 6.1 -2025-01-31
CVE-2024-13218 Fast Tube <= 2.3.1 - Reflected XSS — Fast Tube 6.1 -2025-01-31
CVE-2024-13112 WP MediaTagger <= 4.1.1 - Reflected XSS — WP MediaTagger 6.1 -2025-01-31
CVE-2024-13101 WP MediaTagger <= 4.1.1 - Contributor+ Stored XSS — WP MediaTagger 5.4 -2025-01-31
CVE-2024-13219 Policy Genius <= 2.0.4 - Reflected XSS — Privacy Policy Genius 6.1 -2025-01-31
CVE-2024-13100 Woo UPS Pickup <= 2.6.3 - Reflected XSS — OPSI Israel Domestic Shipments 6.1 -2025-01-31
CVE-2024-12872 Zalomení <= 1.5 - Admin+ Stored XSS — Zalomení 4.8 -2025-01-31
CVE-2024-12772 Ninja Tables < 5.0.17 - Admin+ Stored XSS — Ninja Tables 6.1 -2025-01-31
CVE-2024-12275 CanvasFlow <= 1.5.5 - Reflected XSS — Canvasflow for WordPress 6.1 -2025-01-31
CVE-2024-12708 Bulk Me Now <= 2.0 - Stored XSS via Shortcode — Bulk Me Now! 5.4 -2025-01-30

This page lists every published CVE security advisory associated with Unknown. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.