Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1310 CNY

100%
Buy Us a Coffee

Unknown — Vulnerabilities & Security Advisories 4169

Browse all 4169 CVE security advisories affecting Unknown. AI-powered Chinese analysis, POCs, and references for each vulnerability.

“Unknown” represents a broad category of unclassified or poorly documented software components, currently associated with 4,141 recorded CVEs. These vulnerabilities typically stem from legacy architectures or proprietary systems lacking transparent security audits. Common flaw classes include remote code execution, cross-site scripting, and privilege escalation, often resulting from inadequate input validation or hardcoded credentials. Due to the opaque nature of these products, detailed security characteristics are frequently absent, making risk assessment difficult for organizations. Major incidents involving “Unknown” entities often highlight systemic failures in patch management and vendor accountability. The sheer volume of vulnerabilities suggests widespread reliance on unsupported or obscure technologies within critical infrastructure. Addressing these risks requires rigorous inventory management and proactive threat hunting, as standard mitigation strategies may not apply to such undefined software ecosystems.

Top products by Unknown: Contest Gallery Download Manager Modern Events Calendar Lite Tutor LMS – eLearning and online course solution EventON wp-eMember AI ChatBot Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress Logo Slider Elementor Website Builder Welcart e-Commerce Form Maker by 10Web wp-cart-for-digital-products Booster for WooCommerce wp-affiliate-platform Photo Gallery by 10Web Autoptimize Yi Technology Salon booking system MapPress Maps for WordPress WPQA Builder Popup box VikBooking Hotel Booking Engine & PMS WP MultiTasking EventPrime Frontend File Manager Plugin Simple Download Monitor Photo Gallery by 10Web – Mobile-Friendly Image Gallery Easy Forms for Mailchimp Newsletter Popup
CVE IDTitleCVSSSeverityPublished
CVE-2022-0827 Bestbooks <= 2.6.3 - Unauthenticated SQLi — BestbooksCWE-89 9.8 -2022-06-13
CVE-2022-0786 KiviCare < 2.3.9 - Unauthenticated SQLi — KiviCare – Clinic & Patient Management System (EHR)CWE-89 9.8 -2022-06-13
CVE-2022-0745 Like Button Rating < 2.6.45 - Arbitrary e-mail Sending — Like Button Rating ♥ LikeBtnCWE-862 6.5 -2022-06-13
CVE-2022-0626 Advanced Admin Search < 1.1.6 - Reflected Cross-Site Scripting — Advanced Admin SearchCWE-79 6.1 -2022-06-13
CVE-2021-25116 Enqueue Anything <= 1.0.1 - Subscriber+ Arbitrary Asset/Post Deletion — Enqueue Anything 6.5 -2022-06-13
CVE-2022-1712 LiveSync for WordPress <= 1.0 - Arbitrary Settings Update via CSRF — LiveSync for WordPressCWE-352 4.3 -2022-06-06
CVE-2022-1709 Throws SPAM Away < 3.3.1 - Comment Deletion via CSRF — Throws SPAM AwayCWE-352 6.5 -2022-06-06
CVE-2022-1695 WP Simple Adsense Insertion < 2.1 - Inject ads and javascript via CSRF — WP Simple Adsense InsertionCWE-352 7.4 -2022-06-06
CVE-2022-1692 CP Image Store with Slideshow < 1.0.68 - Unauthenticated SQLi — CP Image Store with SlideshowCWE-89 9.8 -2022-06-06
CVE-2022-1691 Realty Workstation < 1.0.15 - Agent SQLi — Realty WorkstationCWE-89 6.5 -2022-06-06
CVE-2022-1690 Note Press <= 0.1.10 - Admin+ SQLi via Bulk Actions — Note PressCWE-89 6.5 -2022-06-06
CVE-2022-1689 Note Press <= 0.1.10 - Admin+ SQLi via Update — Note PressCWE-89 2.7 -2022-06-06
CVE-2022-1688 Note Press <= 0.1.10 - Admin+ SQLi via id — Note PressCWE-89 6.5 -2022-06-06
CVE-2022-1687 Logo Slider <= 1.4.8 - Admin+ SQLi — Logo SliderCWE-89 6.5 -2022-06-06
CVE-2022-1686 Five Minute Webshop <= 1.3.2 - Admin+ SQLi via id — Five Minute WebshopCWE-89 6.5 -2022-06-06
CVE-2022-1685 Five Minute Webshop <= 1.3.2 - Admin+ SQLi via orderby — Five Minute WebshopCWE-89 6.5 -2022-06-06
CVE-2022-1684 Cube Slider <= 1.2 - Admin+ SQLi — CUBE SLIDERCWE-89 7.2 -2022-06-06
CVE-2022-1683 amtyThumb <= 4.2.0 - Subscriber+ SQLi — amtyThumbCWE-89 8.8 -2022-06-06
CVE-2022-1673 WooCommerce Green Wallet Gateway < 1.0.2 - Reflected Cross Site Scripting in checkout page — WooCommerce Green Wallet GatewayCWE-79 6.1 -2022-06-06
CVE-2022-1647 FormCraft Basic < 1.2.6 - Admin+ Stored Cross Site Scripting — FormCraft – Contact Form Builder for WordPressCWE-79 4.8 -2022-06-06
CVE-2022-1598 WPQA < 5.5 - Unauthenticated Private Message Disclosure — WPQA Builder 5.3 -2022-06-06
CVE-2022-1597 WPQA < 5.4 - Reflected Cross-Site Scripting — WPQA BuilderCWE-79 6.1 -2022-06-06
CVE-2022-1577 Database Backup for WordPress < 2.5.2 - Arbitrary Schedule Settings Update via CSRF — Database Backup for WordPressCWE-352 5.4 -2022-06-06
CVE-2022-1570 Files Download Delay < 1.0.7 - Subscriber+ Settings Reset — Files Download Delay 6.5 -2022-06-06
CVE-2022-1569 WordPress Forms by Pie Forms < 1.4.9.4 - Admin+ Stored Cross-Site Scripting — Drag & Drop Builder, Human Face Detector, Pre-built Templates, Spam Protection, User Email Notifications & more!CWE-79 4.8 -2022-06-06
CVE-2022-1541 Video Slider - Slider Carousel < 1.4.8 - Admin+ Stored Cross-Site Scripting — Video Slider – Slider CarouselCWE-79 4.8 -2022-06-06
CVE-2022-1506 WP Born Babies <= 1.0 - Contributor+ Stored Cross-Site Scripting — WP BORN BABIES PLUGINCWE-79 5.4 -2022-06-06
CVE-2022-1469 FiboSearch < 1.18.0 - Admin+ Stored Cross-Site Scripting — FiboSearch – Ajax Search for WooCommerceCWE-79 4.8 -2022-06-06
CVE-2022-1424 Ask Me < 6.8.2 - Multiple CSRF in AJAX Actions — Ask meCWE-352 6.5 -2022-06-06
CVE-2022-1422 Discy < 5.2 - Restore Default Settings via CSRF — DiscyCWE-352 6.5 -2022-06-06

This page lists every published CVE security advisory associated with Unknown. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.