Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1310 CNY

100%
Buy Us a Coffee

Unknown — Vulnerabilities & Security Advisories 4164

Browse all 4164 CVE security advisories affecting Unknown. AI-powered Chinese analysis, POCs, and references for each vulnerability.

“Unknown” represents a broad category of unclassified or poorly documented software components, currently associated with 4,141 recorded CVEs. These vulnerabilities typically stem from legacy architectures or proprietary systems lacking transparent security audits. Common flaw classes include remote code execution, cross-site scripting, and privilege escalation, often resulting from inadequate input validation or hardcoded credentials. Due to the opaque nature of these products, detailed security characteristics are frequently absent, making risk assessment difficult for organizations. Major incidents involving “Unknown” entities often highlight systemic failures in patch management and vendor accountability. The sheer volume of vulnerabilities suggests widespread reliance on unsupported or obscure technologies within critical infrastructure. Addressing these risks requires rigorous inventory management and proactive threat hunting, as standard mitigation strategies may not apply to such undefined software ecosystems.

Top products by Unknown: Contest Gallery Download Manager Tutor LMS – eLearning and online course solution Modern Events Calendar Lite EventON AI ChatBot wp-eMember Elementor Website Builder Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress Logo Slider Welcart e-Commerce Photo Gallery by 10Web Autoptimize Booster for WooCommerce wp-cart-for-digital-products wp-affiliate-platform Form Maker by 10Web Yi Technology Salon booking system MapPress Maps for WordPress EventPrime Frontend File Manager Plugin Popup box WP MultiTasking Simple Download Monitor VikBooking Hotel Booking Engine & PMS Photo Gallery by 10Web – Mobile-Friendly Image Gallery WPQA Builder Himer Simple Membership
CVE IDTitleCVSSSeverityPublished
CVE-2023-1282 Drag and Drop Multiple File Upload PRO - Reflected Cross-Site Scripting — Drag and Drop Multiple File Upload PRO - Contact Form 7 Standard 6.1 -2023-04-17
CVE-2023-0277 WC Fields Factory <= 4.1.5 - ShopManager+ SQLi — WC Fields Factory 7.2 -2023-04-17
CVE-2023-1325 Easy Forms for MailChimp < 6.8.7 - Contributor+ Stored XSS — Easy Forms for Mailchimp 5.4 -2023-04-17
CVE-2023-0765 Gallery by BestWebSoft < 4.7.0 - Author+ SQL Injection — Gallery by BestWebSoft 8.8 -2023-04-17
CVE-2023-0764 Gallery by BestWebSoft < 4.7.0 - Author+ Stored Cross-Site Scripting — Gallery by BestWebSoft 5.4 -2023-04-17
CVE-2023-0374 W4 Post List < 2.4.6 - Contributor+ Stored XSS — W4 Post List 5.4 -2023-04-17
CVE-2023-1381 WP Meta SEO < 4.5.5 - Author+ PHAR Deserialization — WP Meta SEO 8.8 -2023-04-10
CVE-2023-0157 All-In-One Security (AIOS) < 5.1.5 - Admin+ Stored XSS — All-In-One Security (AIOS) 4.8 -2023-04-10
CVE-2023-0546 FluentForms < 4.3.25 - Contributor+ Stored XSS via Custom HTML Form Field — Contact Form Plugin 5.4 -2023-04-10
CVE-2022-4827 WP Tiles <= 1.1.2 - Contributor+ Stored XSS — WP Tiles 5.4 -2023-04-10
CVE-2023-1121 Simple Giveaways < 2.45.1 - Admin+ Stored Cross-Site Scripting — Simple Giveaways 4.8 -2023-04-10
CVE-2023-0874 Klaviyo <= 3.0.10 - Admin+ Stored XSS — Klaviyo 4.8 -2023-04-10
CVE-2023-0423 WordPress Amazon S3 Plugin < 1.6 - Reflected XSS — WordPress Amazon S3 Plugin 6.1 -2023-04-10
CVE-2023-0422 Article Directory <= 1.3 - Admin+ Stored XSS — Article Directory 4.8 -2023-04-10
CVE-2023-1120 Simple Giveaways < 2.45.1 - Admin+ Stored XSS — Simple Giveaways 4.8 -2023-04-10
CVE-2023-0156 All-In-One Security (AIOS) < 5.1.5 - Admin+ Arbitrary File/Folder Access via Traversal — All-In-One Security (AIOS) 4.9 -2023-04-10
CVE-2023-1478 Hummingbird < 3.4.2 - Unauthenticated Path Traversal — Hummingbird 9.1 -2023-04-10
CVE-2023-0983 Stylish Cost Calculator Premium < 7.9.0 - Unauthenticated Stored XSS — Stylish Cost Calculator Premium 5.4 -2023-04-10
CVE-2023-1425 Groundhogg Contacts < 2.7.9.4 - Admin+ SQLi — WordPress CRM, Email & Marketing Automation for WordPress | Award Winner — Groundhogg 7.2 -2023-04-10
CVE-2023-0605 Auto Rename Media On Upload < 1.1.0 - Admin+ Stored XSS — Auto Rename Media On Upload 4.8 -2023-04-10
CVE-2023-1426 WP Tiles <= 1.1.2 - Subscriber+ Draft/Private Post Title Disclosure — WP Tiles 6.5 -2023-04-10
CVE-2023-1406 JetEngine < 3.1.3.1 - Author+ Remote Code Execution — JetEngine 9.8 -2023-04-10
CVE-2023-0893 Time Sheets < 1.29.3 - Admin+ Stored XSS — Time Sheets 4.8 -2023-04-10
CVE-2023-1122 Simple Giveaways < 2.45.1 - Editor+ Stored Cross-Site Scripting — Simple Giveaways 4.8 -2023-04-10
CVE-2023-0363 Scheduled Announcements Widget < 1.0 - Contributor+ Stored XSS — Scheduled Announcements Widget 5.4 -2023-04-10
CVE-2023-0399 Image Over Image For WPBakery Page Builder < 3.0 - Contributor+ Stored XSS — Image Over Image For WPBakery Page Builder 5.4 -2023-04-03
CVE-2023-1330 Redirection < 1.1.4 - Redirect Creation via CSRF — Redirection 6.5 -2023-04-03
CVE-2023-1377 Solidres <= 0.9.4 - Multiple Reflected XSS — Solidres 6.1 -2023-04-03
CVE-2023-1124 Shopping Cart & eCommerce Store < 5.4.3 - Admin+ LFI — Shopping Cart & eCommerce Store 7.2 -2023-04-03
CVE-2023-0820 User Role by BestWebSoft < 1.6.7 - Privilege Escalation via CSRF — User Role by BestWebSoft 8.8 -2023-04-03

This page lists every published CVE security advisory associated with Unknown. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.