Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Unknown — Vulnerabilities & Security Advisories 4143

Browse all 4143 CVE security advisories affecting Unknown. AI-powered Chinese analysis, POCs, and references for each vulnerability.

“Unknown” represents a broad category of unclassified or poorly documented software components, currently associated with 4,141 recorded CVEs. These vulnerabilities typically stem from legacy architectures or proprietary systems lacking transparent security audits. Common flaw classes include remote code execution, cross-site scripting, and privilege escalation, often resulting from inadequate input validation or hardcoded credentials. Due to the opaque nature of these products, detailed security characteristics are frequently absent, making risk assessment difficult for organizations. Major incidents involving “Unknown” entities often highlight systemic failures in patch management and vendor accountability. The sheer volume of vulnerabilities suggests widespread reliance on unsupported or obscure technologies within critical infrastructure. Addressing these risks requires rigorous inventory management and proactive threat hunting, as standard mitigation strategies may not apply to such undefined software ecosystems.

Top products by Unknown: Contest Gallery Download Manager EventON Tutor LMS – eLearning and online course solution Modern Events Calendar Lite AI ChatBot wp-eMember Logo Slider Welcart e-Commerce Elementor Website Builder Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress Photo Gallery by 10Web Booster for WooCommerce Form Maker by 10Web Yi Technology wp-affiliate-platform wp-cart-for-digital-products Autoptimize Simple Download Monitor MapPress Maps for WordPress Salon booking system VikBooking Hotel Booking Engine & PMS WPQA Builder Frontend File Manager Plugin Photo Gallery by 10Web – Mobile-Friendly Image Gallery EventPrime Popup box WP MultiTasking wpb-show-core Transposh WordPress Translation
CVE IDTitleCVSSSeverityPublished
CVE-2021-24346 Stock in & out <= 1.0.4 - Reflected Cross-Site Scripting (XSS) — Stock in & outCWE-79 5.4 -2021-06-14
CVE-2021-24347 SP Project & Document Manager <2 4.22 - Authenticated Shell Upload — SP Project & Document ManagerCWE-178 8.8 -2021-06-14
CVE-2021-24348 Side Menu < 3.1.5 - Authenticated (admin+) SQL Injection — Side Menu – add fixed side buttonsCWE-89 7.2 -2021-06-14
CVE-2021-24337 Video Embed <= 1.0 - Authenticated (subscriber+) SQL Injection — Video EmbedCWE-89 8.8 -2021-06-07
CVE-2021-24342 JNews < 8.0.6 - Reflected Cross-Site Scripting (XSS) — JNewsCWE-79 6.1 -2021-06-07
CVE-2021-24343 iFlyChat – WordPress Chat < 4.7.0 - Admin+ Stored Cross-Site Scripting (XSS) — iFlyChat – WordPress ChatCWE-79 5.4 -2021-06-07
CVE-2021-24344 Easy Preloader <= 1.0.0 - Authenticated Stored Cross-Site Scripting (XSS) — Easy PreloaderCWE-79 4.8 -2021-06-07
CVE-2021-24336 FlightLog <= 3.0.2 - Authenticated (editor+) SQL Injection — FlightLogCWE-89 7.2 -2021-06-07
CVE-2021-24328 WP Login Security and History <= 1.0 - CSRF to Stored Cross-Site Scripting (XSS) — WP Login Security and HistoryCWE-352 6.5 -2021-06-01
CVE-2021-24329 WP Super Cache < 1.7.3 - Authenticated Stored Cross-Site Scripting (XSS) — WP Super CacheCWE-79 5.4 -2021-06-01
CVE-2021-24330 Funnel Builder by CartFlows < 1.6.13 - Authenticated Stored XSS via FB Pixel ID and Google Analytics ID — Funnel Builder by CartFlows – Create High Converting Sales Funnels For WordPressCWE-79 4.8 -2021-06-01
CVE-2021-24331 Smooth Scroll Page Up/Down Buttons < 1.4 - Authenticated Stored XSS — Smooth Scroll Page Up/Down ButtonsCWE-79 4.8 -2021-06-01
CVE-2021-24333 Content Copy Protection & Prevent Image Save <= 1.3 - CSRF to Stored Cross-Site Scripting (XSS) — Content Copy Protection & Prevent Image SaveCWE-352 7.1 -2021-06-01
CVE-2021-24334 Instant Images WordPress Plugin < 4.4.0.1 - Authenticated Stored XSS & XFS — Instant Images – One Click Unsplash UploadsCWE-79 6.1 -2021-06-01
CVE-2021-24335 Car Repair Services < 4.0 - Unauthenticated Reflected XSS & XFS — Car Repair Services & Auto MechanicCWE-79 6.1 -2021-06-01
CVE-2021-24313 WP Prayer < 1.6.2 - Authenticated Stored Cross-Site Scripting (XSS) — WP PrayerCWE-79 5.4 -2021-06-01
CVE-2021-24309 Weekly Schedule < 3.4.3 - Authenticated Stored XSS — Weekly ScheduleCWE-79 5.4 -2021-06-01
CVE-2021-24311 External Media < 1.0.34 - Authenticated Arbitrary File Upload — External MediaCWE-434 8.1 -2021-06-01
CVE-2021-24332 Autoptimize < 2.8.4 - Authenticated Stored Cross-Site Scripting (XSS) — AutoptimizeCWE-79 4.8 -2021-05-24
CVE-2021-24297 Goto < 2.1 - Reflected Cross-Site Scripting (XSS) — GotoCWE-79 6.1 -2021-05-24
CVE-2021-24325 404 SEO Redirection <= 1.3 - Reflected Cross-Site Scripting (XSS) — 404 SEO RedirectionCWE-79 6.1 -2021-05-17
CVE-2021-24326 All 404 Redirect to Homepage < 1.21 - Authenticated Reflected Cross-Site Scripting (XSS) — All 404 Redirect to HomepageCWE-79 5.4 -2021-05-17
CVE-2021-24327 SEO Redirection < 6.4 - Authenticated Stored Cross-Site Scripting (XSS) — SEO Redirection Plugin – 301 Redirect ManagerCWE-79 4.8 -2021-05-17
CVE-2021-24324 404 SEO Redirection <= 1.3 - CSRF to Stored Cross-Site Scripting (XSS) — 404 SEO RedirectionCWE-352 6.5 -2021-05-17
CVE-2021-24285 Car Seller - Auto Classifieds Script <= 2.1.0 - Unauthenticated SQL Injection — Car Seller - Auto Classifieds ScriptCWE-89 9.8 -2021-05-14
CVE-2021-24254 College Publisher Import <= 0.1 - Arbitrary File Upload to RCE — College publisher ImportCWE-434 7.2 -2021-05-05
CVE-2021-24252 Event Banner <= 1.3 - Arbitrary File Upload to RCE — Event BannerCWE-434 9.8 -2021-05-05
CVE-2021-24253 Classyfrieds <= 3.8 - Authenticated Arbitrary File Upload to RCE — ClassyfriedsCWE-434 8.8 -2021-05-05
CVE-2021-24293 NextGEN Gallery Pro < 3.1.11 - Reflected Cross-Site Scripting (XSS) — NextGen Gallery ProCWE-79 6.1 -2021-05-05
CVE-2021-24265 Rife Elementor Extensions & Templates < 1.1.6 - Contributor+ Stored XSS — Rife Elementor Extensions & TemplatesCWE-79 5.4 -2021-05-05

This page lists every published CVE security advisory associated with Unknown. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.