Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Unknown — Vulnerabilities & Security Advisories 4143

Browse all 4143 CVE security advisories affecting Unknown. AI-powered Chinese analysis, POCs, and references for each vulnerability.

“Unknown” represents a broad category of unclassified or poorly documented software components, currently associated with 4,141 recorded CVEs. These vulnerabilities typically stem from legacy architectures or proprietary systems lacking transparent security audits. Common flaw classes include remote code execution, cross-site scripting, and privilege escalation, often resulting from inadequate input validation or hardcoded credentials. Due to the opaque nature of these products, detailed security characteristics are frequently absent, making risk assessment difficult for organizations. Major incidents involving “Unknown” entities often highlight systemic failures in patch management and vendor accountability. The sheer volume of vulnerabilities suggests widespread reliance on unsupported or obscure technologies within critical infrastructure. Addressing these risks requires rigorous inventory management and proactive threat hunting, as standard mitigation strategies may not apply to such undefined software ecosystems.

Top products by Unknown: Contest Gallery Download Manager EventON Tutor LMS – eLearning and online course solution Modern Events Calendar Lite AI ChatBot wp-eMember Logo Slider Welcart e-Commerce Elementor Website Builder Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress Photo Gallery by 10Web Booster for WooCommerce Form Maker by 10Web Yi Technology wp-affiliate-platform wp-cart-for-digital-products Autoptimize Simple Download Monitor MapPress Maps for WordPress Salon booking system VikBooking Hotel Booking Engine & PMS WPQA Builder Frontend File Manager Plugin Photo Gallery by 10Web – Mobile-Friendly Image Gallery EventPrime Popup box WP MultiTasking wpb-show-core Transposh WordPress Translation
CVE IDTitleCVSSSeverityPublished
CVE-2021-24652 PostX Gutenberg Blocks for Post Grid < 2.4.10 - Missing Access Controls — PostX – Gutenberg Blocks for Post GridCWE-863 6.5 -2021-09-27
CVE-2021-24643 WP Map Block < 1.2.3 - Contributor+ Stored Cross-Site Scripting — WP Map Block – Gutenberg Map Block for Google Map and OpenStreet MapCWE-79 5.4 -2021-09-27
CVE-2021-24634 Recipe Card Blocks < 2.8.3 - Contributor+ Stored Cross-Site Scripting — Recipe Card Blocks by WPZOOMCWE-79 5.4 -2021-09-27
CVE-2021-24633 Countdown Block < 1.1.2 - Missing Authorisation in AJAX action — Countdown BlockCWE-862 4.3 -2021-09-27
CVE-2021-24632 Recipe Card Blocks < 2.8.1 - Reflected Cross-Site Scripting — Recipe Card Blocks by WPZOOMCWE-79 6.1 -2021-09-27
CVE-2021-24610 TranslatePress < 2.0.9 - Authenticated Stored Cross-Site Scripting — Translate Multilingual sites – TranslatePressCWE-79 5.4 -2021-09-27
CVE-2021-24569 Cookie Notice & Compliance for GDPR / CCPA < 2.1.2 - Admin+ Stored Cross-Site Scripting — Cookie Notice & Compliance for GDPR / CCPACWE-79 4.8 -2021-09-27
CVE-2021-24741 Support Board < 3.3.4 - Multiple Unauthenticated SQL Injections — Support BoardCWE-89 9.8 -2021-09-20
CVE-2021-24663 Simple School Staff Directory <= 1.1 - Admin+ Arbitrary File Upload — Simple Schools Staff DirectoryCWE-434 7.2 -2021-09-20
CVE-2021-24657 Limit Login Attempts < 4.0.50 - Unauthenticated Stored Cross-Site Scripting — Limit Login AttemptsCWE-79 6.1 -2021-09-20
CVE-2021-24640 Gutenslider < 5.2.0 - Contributor+ Stored XSS — WordPress Slider Block GutensliderCWE-79 5.4 -2021-09-20
CVE-2021-24639 OMGF < 4.5.4 - Subscriber+ Arbitrary File/Folder Deletion — OMGF | Host Google Fonts LocallyCWE-862 8.1 -2021-09-20
CVE-2021-24638 OMGF < 4.5.4 - Unauthenticated Path Traversal in REST API — OMGF | Host Google Fonts LocallyCWE-22 9.1 -2021-09-20
CVE-2021-24637 Fonts Plugin < 3.0.3 - Contributor+ Stored Cross-Site Scripting — Fonts Plugin | Google Fonts TypographyCWE-79 5.4 -2021-09-20
CVE-2021-24636 Print My Blog < 3.4.2 - Plugin Deactivation via CSRF — Print My Blog – Print, PDF, & eBook Converter WordPress PluginCWE-352 8.1 -2021-09-20
CVE-2021-24635 Visual Link Preview < 2.2.3 - Unauthorised AJAX Calls — Visual Link PreviewCWE-284 5.4 -2021-09-20
CVE-2021-24618 Donate With QRCode < 1.4.5 - Stored Cross-Site Scripting — Donate With QRCodeCWE-79 5.4 -2021-09-20
CVE-2021-24613 Post Views Counter < 1.3.5 - Authenticated Stored XSS — Post Views CounterCWE-79 4.8 -2021-09-20
CVE-2021-24609 WP Mapa Politico Espana < 3.7.0- Authenticated Stored XSS — WP Mapa Politico EspañaCWE-79 4.8 -2021-09-20
CVE-2021-24606 Availability Calendar < 1.2.1 - Authenticated SQL Injection — Availability CalendarCWE-89 8.8 -2021-09-20
CVE-2021-24604 Availability Calendar < 1.2.2 - Authenticated Stored Cross-Site Scripting — Availability CalendarCWE-79 4.8 -2021-09-20
CVE-2021-24600 WP Dialog <= 1.2.5.5 - Authenticated Stored Cross-Site Scripting — WP DialogCWE-79 4.8 -2021-09-20
CVE-2021-24597 You Shang <= 1.0.1 - Authenticated Stored Cross-Site Scripting — 有赏 You ShangCWE-79 5.4 -2021-09-20
CVE-2021-24596 youForms for WordPress <= 1.0.5 - Authenticated Stored Cross-Site Scripting — youForms for WordPress – Creating Forms for CopeCartCWE-79 4.8 -2021-09-20
CVE-2021-24587 Splash Header < 1.20.8 - Authenticated Stored Cross-Site Scripting (XSS) — Splash HeaderCWE-79 5.4 -2021-09-20
CVE-2021-24585 Timetable and Event Schedule by MotoPress < 2.4.0 - Arbitrary User's Hashed Password/Email/Username Disclosure — Timetable and Event Schedule by MotoPressCWE-200 6.5 -2021-09-20
CVE-2021-24584 Timetable and Event Schedule by MotoPress < 2.4.2 - Unauthorised Event TimeSlot Update — Timetable and Event Schedule by MotoPressCWE-352 5.4 -2021-09-20
CVE-2021-24583 Timetable and Event Schedule by MotoPress < 2.4.2 - Unauthorised Event TimeSlot Deletion — Timetable and Event Schedule by MotoPressCWE-284 3.5 -2021-09-20
CVE-2021-24582 ThinkTwit < 1.7.1 - Authenticated Stored Cross-Site Scripting (XSS) — ThinkTwitCWE-79 5.4 -2021-09-20
CVE-2021-24530 Alojapro Widget <= 1.1.15 - Authenticated Stored Cross-Site Scripting (XSS) — Alojapro WidgetCWE-79 4.8 -2021-09-20

This page lists every published CVE security advisory associated with Unknown. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.