Unknown — Vulnerabilities & Security Advisories 4143

Browse all 4143 CVE security advisories affecting Unknown. AI-powered Chinese analysis, POCs, and references for each vulnerability.

“Unknown” represents a broad category of unclassified or poorly documented software components, currently associated with 4,141 recorded CVEs. These vulnerabilities typically stem from legacy architectures or proprietary systems lacking transparent security audits. Common flaw classes include remote code execution, cross-site scripting, and privilege escalation, often resulting from inadequate input validation or hardcoded credentials. Due to the opaque nature of these products, detailed security characteristics are frequently absent, making risk assessment difficult for organizations. Major incidents involving “Unknown” entities often highlight systemic failures in patch management and vendor accountability. The sheer volume of vulnerabilities suggests widespread reliance on unsupported or obscure technologies within critical infrastructure. Addressing these risks requires rigorous inventory management and proactive threat hunting, as standard mitigation strategies may not apply to such undefined software ecosystems.

CVE ID	Title	CVSS	Severity	Published
CVE-2021-24717	AutomatorWP < 1.7.6 - Missing Authorization and Privilege Escalation — AutomatorWPCWE-863	8.8	-	2021-11-01
CVE-2021-24716	Modern Events Calendar Lite < 5.22.3 - Authenticated Stored Cross Site Scripting — Modern Events Calendar LiteCWE-79	5.4	-	2021-11-01
CVE-2021-24715	WP Sitemap Page < 1.7.0 - Admin+ Stored Cross Site Scripting — WP Sitemap PageCWE-79	4.8	-	2021-11-01
CVE-2021-24685	Flat Preloader < 1.5.4 - CSRF to Stored Cross-Site Scripting — Flat PreloaderCWE-352	5.4	-	2021-11-01
CVE-2021-24682	Cool Tag Cloud < 2.26 - Contributor+ Stored Cross-Site Scripting — Cool Tag CloudCWE-79	5.4	-	2021-11-01
CVE-2021-24624	MP3 Audio Player for Music, Radio & Podcast by Sonaar < 2.4.2 - Multiple Admin+ Cross Site Scripting — MP3 Audio Player for Music, Radio & Podcast by SonaarCWE-79	4.8	-	2021-11-01
CVE-2021-24572	Paypal Donation < 1.3.1 - CSRF to Arbitrary Post Deletion — Accept Donations with PayPalCWE-352	4.3	-	2021-11-01
CVE-2021-24570	Paypal Donation < 1.3.1 - CSRF to Stored Cross-Site Scripting — Accept Donations with PayPalCWE-352	4.7	-	2021-11-01
CVE-2021-24539	Coming Soon, Under Construction & Maintenance Mode By Dazzler < 1.6.7 - Admin+ Stored Cross-Site Scripting — Coming Soon, Under Construction & Maintenance Mode By DazzlerCWE-79	4.8	-	2021-11-01
CVE-2020-36505	Delete All Comments Easily <= 1.3 - All Comments Deletion via CSRF — Delete All Comments EasilyCWE-352	4.3	-	2021-11-01
CVE-2020-36504	WP-Pro-Quiz <= 0.37 - Arbitrary Quiz Deletion via CSRF — Wp-Pro-QuizCWE-352	6.5	-	2021-11-01
CVE-2020-36503	Connections Business Directory < 9.7 - Admin+ CSV Injection — Connections Business DirectoryCWE-1236	8.0	-	2021-11-01
CVE-2018-25019	LearnDash < 2.5.4 - Unauthenticated Arbitrary File Upload — LearnDash LMSCWE-434	7.5	-	2021-11-01
CVE-2015-20067	WP Attachment Export < 0.2.4 - Unauthenticated Posts Download — WP Attachment ExportCWE-862	5.3	-	2021-11-01
CVE-2015-20019	Content text slider on post < 6.9 - Authenticated Stored Cross-Site Scripting (XSS) — Content text slider on postCWE-79	5.4	-	2021-11-01
CVE-2015-10001	WP-Stats < 2.5.2 - CSRF to Stored Cross-Site Scripting (XSS) — WP-StatsCWE-352	4.3	-	2021-11-01
CVE-2021-24885	YOP Poll < 6.1.2 - Reflected Cross-Site Scripting — YOP PollCWE-79	6.1	-	2021-10-25
CVE-2021-24884	Formidable Form Builder < 4.09.05 - Unauthenticated Stored Cross-Site Scripting — Formidable Form Builder – Contact Form, Survey & Quiz Forms Plugin for WordPressCWE-79	8.2	-	2021-10-25
CVE-2021-24785	Great Quotes <= 1.0.0 - Admin+ Stored Cross-Site Scripting — Great QuotesCWE-79	4.8	-	2021-10-25
CVE-2021-24779	WP Debugging < 2.11.0 - Unauthenticated Plugin's Settings Update — WP DebuggingCWE-862	6.5	-	2021-10-25
CVE-2021-24774	Check & Log Email < 1.0.3 - Admin+ SQL Injections — Check & Log EmailCWE-89	7.2	-	2021-10-25
CVE-2021-24769	Permalink Manager Lite < 2.2.13.1 - Admin+ SQL Injection — Permalink Manager LiteCWE-89	7.2	-	2021-10-25
CVE-2021-24744	WordPress Contact Forms by Cimatti < 1.4.12 - Admin+ Stored Cross-Site Scripting — WordPress Contact Forms by CimattiCWE-79	4.8	-	2021-10-25
CVE-2021-24699	Easy Media Download < 1.1.7 - Contributor+ Stored Cross-Site Scripting — Easy Media DownloadCWE-79	5.4	-	2021-10-25
CVE-2021-24662	Game Server Status <= 1.0 - Admin+ SQL Injection — Game Server StatusCWE-89	7.2	-	2021-10-25
CVE-2021-24653	Cookie Bar < 1.8.9 - Admin+ Stored Cross-Site Scripting — Cookie BarCWE-79	4.8	-	2021-10-25
CVE-2021-24608	Formidable Form Builder < 5.0.07 - Admin+ Stored Cross-Site Scripting — Formidable Form Builder – Contact Form, Survey & Quiz Forms Plugin for WordPressCWE-79	4.8	-	2021-10-25
CVE-2021-24544	Responsive WordPress Slider <= 2.2.0 - Subscriber+ Stored Cross-Site Scripting — Responsive WordPress SliderCWE-79	5.4	-	2021-10-25
CVE-2021-24543	jQuery Reply to Comment <= 1.31 - CSRF to Stored Cross-Site Scripting — jQuery Reply to CommentCWE-352	6.1	-	2021-10-25
CVE-2021-24515	Video Gallery - Vimeo and YouTube Gallery < 1.1.5 - Admin+ Stored Cross-Site Scripting — Video Gallery - Vimeo and YouTube GalleryCWE-79	5.4	-	2021-10-25

This page lists every published CVE security advisory associated with Unknown. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.

Goal Reached Thanks to every supporter — we hit 100%!

Unknown — Vulnerabilities & Security Advisories 4143