Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1020 CNY

100%
Buy Us a Coffee

Unknown — Vulnerabilities & Security Advisories 4151

Browse all 4151 CVE security advisories affecting Unknown. AI-powered Chinese analysis, POCs, and references for each vulnerability.

“Unknown” represents a broad category of unclassified or poorly documented software components, currently associated with 4,141 recorded CVEs. These vulnerabilities typically stem from legacy architectures or proprietary systems lacking transparent security audits. Common flaw classes include remote code execution, cross-site scripting, and privilege escalation, often resulting from inadequate input validation or hardcoded credentials. Due to the opaque nature of these products, detailed security characteristics are frequently absent, making risk assessment difficult for organizations. Major incidents involving “Unknown” entities often highlight systemic failures in patch management and vendor accountability. The sheer volume of vulnerabilities suggests widespread reliance on unsupported or obscure technologies within critical infrastructure. Addressing these risks requires rigorous inventory management and proactive threat hunting, as standard mitigation strategies may not apply to such undefined software ecosystems.

Top products by Unknown: Contest Gallery Download Manager Tutor LMS – eLearning and online course solution Modern Events Calendar Lite EventON wp-eMember AI ChatBot Logo Slider Elementor Website Builder Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress Welcart e-Commerce Photo Gallery by 10Web Autoptimize wp-affiliate-platform wp-cart-for-digital-products Form Maker by 10Web Booster for WooCommerce Yi Technology WPQA Builder VikBooking Hotel Booking Engine & PMS Frontend File Manager Plugin EventPrime Popup box WP MultiTasking Salon booking system Photo Gallery by 10Web – Mobile-Friendly Image Gallery Simple Download Monitor MapPress Maps for WordPress wpb-show-core Ninja Forms
CVE IDTitleCVSSSeverityPublished
CVE-2023-0388 Random Text <= 0.3.0 - Subscriber+ SQLi — Random Text 8.8 -2023-04-24
CVE-2023-1324 Easy Forms for MailChimp < 6.8.8 - Reflected XSS — Easy Forms for Mailchimp 6.1 -2023-04-24
CVE-2023-0276 Weaver Xtreme Theme Support < 6.2.7 - Contributor+ Stored XSS — Weaver Xtreme Theme Support 5.4 -2023-04-24
CVE-2023-1129 WP FEvents Book <= 0.46 - Subscriber+ Arbitrary Booking Manipulation via IDOR — WP FEvents Book 7.1 -2023-04-24
CVE-2023-0899 Steveas WP Live Chat Shoutbox <= 1.4.2 - Unauthenticated Stored XSS — Steveas WP Live Chat Shoutbox 4.8 -2023-04-24
CVE-2023-1020 Steveas WP Live Chat Shoutbox <= 1.4.2 - Unauthenticated SQLi — Steveas WP Live Chat Shoutbox 9.8 -2023-04-24
CVE-2023-1420 Ajax Search Lite < 4.11.1, Pro < 4.26.2 - Reflected Cross-Site Scripting — Ajax Search Lite 6.1 -2023-04-24
CVE-2023-0420 Custom Post Type and Taxonomy GUI Manager <= 1.1 - Stored XSS via CSRF — Custom Post Type and Taxonomy GUI Manager 6.1 -2023-04-24
CVE-2023-1473 Responsive WordPress Slideshows 3.29.0 - Reflected XSS — Slider, Gallery, and Carousel by MetaSlider 6.1 -2023-04-17
CVE-2023-1371 W4 Post List < 2.4.6 - Subscriber+ Password Protected Post Content Disclosure — W4 Post List 6.5 -2023-04-17
CVE-2023-1413 WP VR < 8.2.9 - Reflected XSS — WP VR 6.1 -2023-04-17
CVE-2023-1331 Redirection < 1.1.5 - Plugin Reset via CSRF — Redirection 6.5 -2023-04-17
CVE-2023-1274 Pricing Tables For WPBakery Page Builder < 3.0 - Subscriber+ LFI — Pricing Tables For WPBakery Page Builder (formerly Visual Composer) 6.5 -2023-04-17
CVE-2023-0367 Pricing Tables For WPBakery Page Builder < 3.0 - Contributor+ Stored XSS — Pricing Tables For WPBakery Page Builder (formerly Visual Composer) 5.4 -2023-04-17
CVE-2023-1373 W4 Post List < 2.4.6 - Reflected XSS — W4 Post List 6.1 -2023-04-17
CVE-2023-0889 TF Random Numbers < 2.0.1 - Subscriber+ Arbitrary Option Update — Themeflection Numbers 6.5 -2023-04-17
CVE-2023-1427 Photo Gallery by 10Web < 1.8.15 - Admin+ Path Traversal — Photo Gallery by 10Web 4.9 -2023-04-17
CVE-2023-1282 Drag and Drop Multiple File Upload PRO - Reflected Cross-Site Scripting — Drag and Drop Multiple File Upload PRO - Contact Form 7 Standard 6.1 -2023-04-17
CVE-2023-0277 WC Fields Factory <= 4.1.5 - ShopManager+ SQLi — WC Fields Factory 7.2 -2023-04-17
CVE-2023-1325 Easy Forms for MailChimp < 6.8.7 - Contributor+ Stored XSS — Easy Forms for Mailchimp 5.4 -2023-04-17
CVE-2023-0765 Gallery by BestWebSoft < 4.7.0 - Author+ SQL Injection — Gallery by BestWebSoft 8.8 -2023-04-17
CVE-2023-0764 Gallery by BestWebSoft < 4.7.0 - Author+ Stored Cross-Site Scripting — Gallery by BestWebSoft 5.4 -2023-04-17
CVE-2023-0374 W4 Post List < 2.4.6 - Contributor+ Stored XSS — W4 Post List 5.4 -2023-04-17
CVE-2023-1381 WP Meta SEO < 4.5.5 - Author+ PHAR Deserialization — WP Meta SEO 8.8 -2023-04-10
CVE-2023-0546 FluentForms < 4.3.25 - Contributor+ Stored XSS via Custom HTML Form Field — Contact Form Plugin 5.4 -2023-04-10
CVE-2023-0157 All-In-One Security (AIOS) < 5.1.5 - Admin+ Stored XSS — All-In-One Security (AIOS) 4.8 -2023-04-10
CVE-2022-4827 WP Tiles <= 1.1.2 - Contributor+ Stored XSS — WP Tiles 5.4 -2023-04-10
CVE-2023-1121 Simple Giveaways < 2.45.1 - Admin+ Stored Cross-Site Scripting — Simple Giveaways 4.8 -2023-04-10
CVE-2023-0874 Klaviyo <= 3.0.10 - Admin+ Stored XSS — Klaviyo 4.8 -2023-04-10
CVE-2023-0423 WordPress Amazon S3 Plugin < 1.6 - Reflected XSS — WordPress Amazon S3 Plugin 6.1 -2023-04-10

This page lists every published CVE security advisory associated with Unknown. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.