Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1310 CNY

100%
Buy Us a Coffee

Unknown — Vulnerabilities & Security Advisories 4152

Browse all 4152 CVE security advisories affecting Unknown. AI-powered Chinese analysis, POCs, and references for each vulnerability.

“Unknown” represents a broad category of unclassified or poorly documented software components, currently associated with 4,141 recorded CVEs. These vulnerabilities typically stem from legacy architectures or proprietary systems lacking transparent security audits. Common flaw classes include remote code execution, cross-site scripting, and privilege escalation, often resulting from inadequate input validation or hardcoded credentials. Due to the opaque nature of these products, detailed security characteristics are frequently absent, making risk assessment difficult for organizations. Major incidents involving “Unknown” entities often highlight systemic failures in patch management and vendor accountability. The sheer volume of vulnerabilities suggests widespread reliance on unsupported or obscure technologies within critical infrastructure. Addressing these risks requires rigorous inventory management and proactive threat hunting, as standard mitigation strategies may not apply to such undefined software ecosystems.

Top products by Unknown: Contest Gallery Download Manager EventON Tutor LMS – eLearning and online course solution Modern Events Calendar Lite AI ChatBot wp-eMember Logo Slider Welcart e-Commerce Elementor Website Builder Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress Photo Gallery by 10Web Booster for WooCommerce Autoptimize Form Maker by 10Web wp-affiliate-platform wp-cart-for-digital-products Yi Technology VikBooking Hotel Booking Engine & PMS Popup box Frontend File Manager Plugin WP MultiTasking Salon booking system Simple Download Monitor Photo Gallery by 10Web – Mobile-Friendly Image Gallery WPQA Builder MapPress Maps for WordPress EventPrime Blog2Social: Social Media Auto Post & Scheduler Ditty
CVE IDTitleCVSSSeverityPublished
CVE-2023-0098 Simple URLs < 115 - Subscriber+ SQLi — Simple URLs 8.8 -2023-02-13
CVE-2023-0061 Judge.me Product Reviews for WooCommerce < 1.3.21 - Contributor+ Stored XSS — Judge.me Product Reviews for WooCommerce 5.4 -2023-02-13
CVE-2022-4546 Mapwiz <= 1.0.1 - Admin+ SQLi — Mapwiz 7.2 -2023-02-13
CVE-2023-0333 TemplatesNext ToolKit < 3.2.9 - Contributor+ Stored XSS — TemplatesNext ToolKit 5.4 -2023-02-13
CVE-2023-0260 WP Review Slider < 12.2 - Subscriber+ SQLi — WP Review Slider 8.8 -2023-02-13
CVE-2023-0169 Zoho Forms < 3.0.1 - Contributor+ Stored XSS — Form plugin for WordPress 5.4 -2023-02-13
CVE-2022-4458 Amr Shortcode Any Widget <= 4.0 - Contributor+ Stored XSS — amr shortcode any widget 5.4 -2023-02-13
CVE-2023-0261 WP TripAdvisor Review Slider < 10.8 - Subscriber+ SQLi — WP TripAdvisor Review Slider 8.8 -2023-02-13
CVE-2023-0373 Lightweight Accordion < 1.5.15 - Contributor+ Stored XSS — Lightweight Accordion 5.4 -2023-02-13
CVE-2022-4551 Rich Table of Contents < 1.3.9 - Contributor+ Stored XSS — Rich Table of Contents 5.4 -2023-02-13
CVE-2023-0220 Pinpoint Booking System < 2.9.9.2.9 - Subscriber+ SQLi — Pinpoint Booking System 8.8 -2023-02-13
CVE-2022-4678 TemplatesNext ToolKit < 3.2.8 - Contributor+ Stored XSS via Shortcode — TemplatesNext ToolKit 5.4 -2023-02-13
CVE-2023-0060 Responsive Gallery Grid < 2.3.9 - Contributor+ Stored XSS — Responsive Gallery Grid 5.4 -2023-02-13
CVE-2023-0099 Simple URLs < 115 - Multiple Reflected XSS — Simple URLs 6.1 -2023-02-13
CVE-2022-4448 GiveWP < 2.24.0 - Contributor+ Stored XSS — GiveWP 5.4 -2023-02-13
CVE-2022-4628 Easy PayPal Buy Now Button < 1.7.4 - Contributor+ Stored XSS in Shortcode — Easy PayPal Buy Now Button 5.4 -2023-02-13
CVE-2023-0159 Extensive VC Addons for WPBakery page builder < 1.9.1 - Unauthenticated RCE — Extensive VC Addons for WPBakery page builder 7.5 -2023-02-13
CVE-2023-0270 YaMaps for WordPress Plugin < 0.6.26 - Contributor+ Stored XSS — YaMaps for WordPress Plugin 5.4 -2023-02-13
CVE-2023-0362 Themify Portfolio Post < 1.2.2 - Contributor+ Stored XSS — Themify Portfolio Post 5.4 -2023-02-13
CVE-2022-4445 FL3R FeelBox <= 8.1 - Unauthenticated SQLi — FL3R FeelBox 9.8 -2023-02-13
CVE-2022-4783 Youtube Channel Gallery <= 2.4 - Contributor+ Stored XSS via Shortcode — Youtube Channel Gallery 5.4 -2023-02-13
CVE-2022-4473 Widget Shortcode <= 0.3.5 - Contributor+ Stored XSS — Widget Shortcode 5.4 -2023-02-13
CVE-2023-0379 Spotlight Social Feeds < 1.4.3 - Contributor+ Stored XSS — Spotlight Social Feeds [Block, Shortcode, and Widget] 5.4 -2023-02-13
CVE-2022-2094 Yellow Yard Searchbar < 2.8.2 - Reflected Cross-Site Scripting — Yellow Yard Searchbar 6.1 -2023-02-08
CVE-2022-4626 PPWP – WordPress Password Protect Page < 1.8.6 - Contributor+ Stored XSS in Shortcode — PPWP 5.4 -2023-02-06
CVE-2023-0252 Contextual Related Posts < 3.3.1 - Contributor+ Stored XSS — Contextual Related Posts 5.4 -2023-02-06
CVE-2022-4489 WOOF - Products Filter for WooCommerce < 1.3.2 - Admin+ PHP Object Injection — HUSKY 7.2 -2023-02-06
CVE-2023-0072 WC Vendors Marketplace < 2.4.5 - Contributor+ Stored XSS — WC Vendors Marketplace 5.4 -2023-02-06
CVE-2022-4826 Simple Tooltips < 2.1.4 - Contributor+ Stored XSS via Shortcode — Simple Tooltips 5.4 -2023-02-06
CVE-2023-0176 Giveaways and Contests by RafflePress < 1.11.3 - Contributor+ Stored XSS — Giveaways and Contests by RafflePress 5.4 -2023-02-06

This page lists every published CVE security advisory associated with Unknown. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.