Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1310 CNY

100%
Buy Us a Coffee

Unknown — Vulnerabilities & Security Advisories 4152

Browse all 4152 CVE security advisories affecting Unknown. AI-powered Chinese analysis, POCs, and references for each vulnerability.

“Unknown” represents a broad category of unclassified or poorly documented software components, currently associated with 4,141 recorded CVEs. These vulnerabilities typically stem from legacy architectures or proprietary systems lacking transparent security audits. Common flaw classes include remote code execution, cross-site scripting, and privilege escalation, often resulting from inadequate input validation or hardcoded credentials. Due to the opaque nature of these products, detailed security characteristics are frequently absent, making risk assessment difficult for organizations. Major incidents involving “Unknown” entities often highlight systemic failures in patch management and vendor accountability. The sheer volume of vulnerabilities suggests widespread reliance on unsupported or obscure technologies within critical infrastructure. Addressing these risks requires rigorous inventory management and proactive threat hunting, as standard mitigation strategies may not apply to such undefined software ecosystems.

Top products by Unknown: Contest Gallery Download Manager EventON Tutor LMS – eLearning and online course solution Modern Events Calendar Lite AI ChatBot wp-eMember Logo Slider Welcart e-Commerce Elementor Website Builder Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress Photo Gallery by 10Web Booster for WooCommerce Autoptimize Form Maker by 10Web wp-affiliate-platform wp-cart-for-digital-products Yi Technology VikBooking Hotel Booking Engine & PMS Popup box Frontend File Manager Plugin WP MultiTasking Salon booking system Simple Download Monitor Photo Gallery by 10Web – Mobile-Friendly Image Gallery WPQA Builder MapPress Maps for WordPress EventPrime Blog2Social: Social Media Auto Post & Scheduler Ditty
CVE IDTitleCVSSSeverityPublished
CVE-2023-0890 Shortcodes Ultimate < 5.12.8 - Subscriber+ Arbitrary Post Access — WordPress Shortcodes Plugin — Shortcodes Ultimate 6.5 -2023-03-20
CVE-2023-0865 WooCommerce Multiple Customer Addresses & Shipping < 21.7 - Arbitrary Address Creation/Deletion/Access/Update via IDOR — WooCommerce Multiple Customer Addresses & Shipping 8.1 -2023-03-20
CVE-2023-0364 real.Kit < 5.1.1 - Contributor+ Stored XSS — real.Kit 5.4 -2023-03-20
CVE-2023-0630 Slimstat Analytics < 4.9.3.3 - Subscriber+ SQL Injection — Slimstat Analytics 8.8 -2023-03-20
CVE-2023-0145 Saan World Clock <= 1.8 - Contributor+ Stored XSS — Saan World Clock 5.4 -2023-03-20
CVE-2023-0369 GoToWP <= 5.1.1 - Contributor+ Stored XSS — GoToWP 5.4 -2023-03-20
CVE-2023-0631 Paid Memberships Pro < 2.9.12 - Subscriber+ SQL Injection — Paid Memberships Pro 8.8 -2023-03-20
CVE-2023-0365 React Webcam <= 1.2.0 - Contributor+ Stored XSS — React Webcam 5.4 -2023-03-20
CVE-2023-0175 Smart Logo Showcase Lite <= 1.1.9 - Contributor+ Stored XSS — Responsive Clients Logo Gallery Plugin for WordPress 5.4 -2023-03-20
CVE-2023-0876 WP Meta SEO < 4.5.3 - Subscriber+ Improper Authorization causing Arbitrary Redirect — WP Meta SEO 4.7 -2023-03-20
CVE-2022-3894 WP OAuth Server < 4.2.5 - Arbitrary Post Deletion via CSRF — WP OAuth Server (OAuth Authentication) 6.5 -2023-03-20
CVE-2022-4466 WordPress Infinite Scroll - Ajax Load More < 5.6.0.3 - Contributor+ Stored XSS — WordPress Infinite Scroll 5.4 -2023-03-13
CVE-2023-0073 Client Logo Carousel <= 3.0.0 - Contributor+ Stored XSS — Client Logo Carousel 5.4 -2023-03-13
CVE-2023-0219 FluentSMTP < 2.2.3 - Stored XSS via Email Logs — FluentSMTP 5.4 -2023-03-13
CVE-2023-0844 Namaste! LMS < 2.6 - Admin+ Stored XSS — Namaste! LMS 4.8 -2023-03-13
CVE-2022-4661 Woo Products Widgets For Elementor < 1.0.8 - Contributor+ Stored XSS via Shortcode — Widgets for WooCommerce Products on Elementor 5.4 -2023-03-13
CVE-2023-0538 Campaign URL Builder < 1.8.2 - Contributor+ Stored XSS — Campaign URL Builder 5.4 -2023-03-13
CVE-2023-0172 Juicer < 1.11 - Contributor+ Stored XSS — Embed, curate & aggregate social media feeds into your website using JUICER 5.4 -2023-03-13
CVE-2023-0037 10WebMapBuilder < 1.0.73 - Unauthenticated SQLi — 10Web Map Builder for Google Maps 9.8 -2023-03-13
CVE-2023-0772 Popup Builder by OptinMonster < 2.12.2 - Subscriber+ Arbitrary Post Content Disclosure — Popup Builder by OptinMonster 6.5 -2023-03-13
CVE-2023-0749 Ocean Extra < 2.1.3 - Subscriber+ Arbitrary Post Content Disclosure — Ocean Extra 6.5 -2023-03-13
CVE-2022-4652 Video Background < 2.7.5 - Contributor+ Stored XSS via Shortcode — Video Background 5.4 -2023-03-13
CVE-2023-0066 Companion Sitemap Generator <= 4.5.1.1 - Contributor+ Stored XSS — Companion Sitemap Generator 5.4 -2023-03-13
CVE-2023-0477 Auto Featured Image < 3.9.16 - Author+ Arbitrary File Upload — Auto Featured Image (Auto Post Thumbnail) 8.8 -2023-03-13
CVE-2023-0069 WPaudio MP3 Player <= 4.0.2 - Contributor+ Stored XSS — WPaudio MP3 Player 5.4 -2023-03-06
CVE-2023-0065 i2 Pros & Cons <= 1.3.1 - Contributor+ Stored XSS — i2 Pros & Cons 5.4 -2023-03-06
CVE-2023-0064 eVision Responsive Column Layout Shortcodes <= 2.3 - Contributor+ Stored XSS — eVision Responsive Column Layout Shortcodes 5.4 -2023-03-06
CVE-2023-0377 Scriptless Social Sharing < 3.2.2 - Contributor+ Stored XSS — Scriptless Social Sharing 5.4 -2023-03-06
CVE-2022-4328 WooCommerce Checkout Field Manager < 18.0 - Unauthenticated Arbitrary File Upload — WooCommerce Checkout Field Manager 9.8 -2023-03-06
CVE-2023-0212 Advanced Recent Posts <= 0.6.14 - Contributor+ Stored XSS — Advanced Recent Posts 5.4 -2023-03-06

This page lists every published CVE security advisory associated with Unknown. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.