Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1310 CNY

100%
Buy Us a Coffee

Unknown — Vulnerabilities & Security Advisories 4169

Browse all 4169 CVE security advisories affecting Unknown. AI-powered Chinese analysis, POCs, and references for each vulnerability.

“Unknown” represents a broad category of unclassified or poorly documented software components, currently associated with 4,141 recorded CVEs. These vulnerabilities typically stem from legacy architectures or proprietary systems lacking transparent security audits. Common flaw classes include remote code execution, cross-site scripting, and privilege escalation, often resulting from inadequate input validation or hardcoded credentials. Due to the opaque nature of these products, detailed security characteristics are frequently absent, making risk assessment difficult for organizations. Major incidents involving “Unknown” entities often highlight systemic failures in patch management and vendor accountability. The sheer volume of vulnerabilities suggests widespread reliance on unsupported or obscure technologies within critical infrastructure. Addressing these risks requires rigorous inventory management and proactive threat hunting, as standard mitigation strategies may not apply to such undefined software ecosystems.

Top products by Unknown: Contest Gallery Download Manager Modern Events Calendar Lite Tutor LMS – eLearning and online course solution EventON wp-eMember AI ChatBot Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress Logo Slider Elementor Website Builder Welcart e-Commerce Form Maker by 10Web wp-cart-for-digital-products Booster for WooCommerce wp-affiliate-platform Photo Gallery by 10Web Autoptimize Yi Technology Salon booking system MapPress Maps for WordPress WPQA Builder Popup box VikBooking Hotel Booking Engine & PMS WP MultiTasking EventPrime Frontend File Manager Plugin Simple Download Monitor Photo Gallery by 10Web – Mobile-Friendly Image Gallery Easy Forms for Mailchimp Newsletter Popup
CVE IDTitleCVSSSeverityPublished
CVE-2022-2913 Login No Captcha reCAPTCHA < 1.7 - IP Check Bypass — Login No Captcha reCAPTCHACWE-639 4.3 -2022-09-16
CVE-2022-2912 Craw Data <= 1.0.0 - Server Side Request Forgery — Craw DataCWE-918 5.3 -2022-09-16
CVE-2022-2877 Titan Anti-spam & Security < 7.3.1 - Protection Bypass due to IP Spoofing — Titan Anti-spam & SecurityCWE-639 5.3 -2022-09-16
CVE-2022-2887 WP Server Health Stats < 1.7.0 - Admin+ Stored Cross-Site Scripting — WP Server Health StatsCWE-79 4.8 -2022-09-16
CVE-2022-2799 Affiliates Manager < 2.9.14 - Admin+ Stored Cross-Site Scripting — Affiliates ManagerCWE-79 4.8 -2022-09-16
CVE-2022-2798 Affiliates Manager < 2.9.14 - Affiliate CSV Injection — Affiliates ManagerCWE-1236 8.0 -2022-09-16
CVE-2022-2737 WP STAGING < 2.9.18 - Admin+ Stored Cross-Site Scripting — WP STAGING – Backup Duplicator & MigrationCWE-79 4.8 -2022-09-16
CVE-2022-2669 WP Taxonomy Import <= 1.0.4 - Reflected Cross-Site Scripting — WP Taxonomy ImportCWE-79 6.1 -2022-09-16
CVE-2022-2654 Classima < 2.1.11 - Reflected Cross-Site Scripting — Classified Listing – Classified ads & Business Directory PluginCWE-79 6.1 -2022-09-16
CVE-2022-2655 Classified Listing Pro < 2.0.20 - Reflected Cross-Site Scripting — Classified Listing Pro - Classified ads & Business Directory PluginCWE-79 6.1 -2022-09-16
CVE-2022-2635 Autoptimize < 3.1.1 - Admin+ Stored Cross Site Scripting — AutoptimizeCWE-79 4.8 -2022-09-16
CVE-2022-2575 WBW Currency Switcher for WooCommerce < 1.6.6 - Admin+ Stored XSS — WBW Currency Switcher for WooCommerceCWE-79 4.8 -2022-09-16
CVE-2022-2351 Post SMTP < 2.1.4 - Admin+ Stored Cross-Site Scripting — Post SMTP Mailer/Email LogCWE-79 4.8 -2022-09-16
CVE-2022-1194 Mobile Events Manager < 1.4.8 - Admin+ CSV Injection — Mobile Events ManagerCWE-1236 8.0 -2022-09-16
CVE-2022-2863 WPvivid Backup < 0.9.76 - Admin+ Arbitrary File Read — Migration, Backup, Staging – WPvividCWE-22 4.9 -2022-09-16
CVE-2022-2775 Fast Flow < 1.2.13 - Admin+ Stored Cross-Site Scripting — Fast FlowCWE-79 4.8 -2022-09-05
CVE-2022-2657 Multivendor Marketplace Solution for WooCommerce < 3.8.12 - Unauthorised AJAX Calls — Multivendor Marketplace Solution for WooCommerce – WC MarketplaceCWE-862 4.3 -2022-09-05
CVE-2022-2565 Best Payments Plugin for WP < 4.2.1 - Unauthenticated Stored Cross-Site Scripting — Simple Payment Donations & Subscriptions Plugin by Paymattic – Best Payments Plugin for WPCWE-79 6.1 -2022-09-05
CVE-2022-2597 Visual Portfolio < 2.19.0 - Contributor+ CSS Injection — Visual Portfolio, Photo Gallery & Post GridCWE-863 5.4 -2022-09-05
CVE-2022-2543 Visual Portfolio < 2.18.0 - Unauthenticated CSS Injection — Visual Portfolio, Photo Gallery & Post GridCWE-862 6.1 -2022-09-05
CVE-2022-2376 Directorist < 7.3.1 - Unauthenticated Email Address Disclosure — Directorist – WordPress Business Directory Plugin with Classified Ads ListingsCWE-862 5.3 -2022-09-05
CVE-2022-2271 WP Database Backup < 5.9 - Admin+ Stored Cross-Site Scripting — WP Database BackupCWE-79 4.8 -2022-09-05
CVE-2022-2083 Simple Single Sign On <= 4.1.0 - Authentication Bypass — Simple Single Sign On 7.5 -2022-09-05
CVE-2022-2599 Anti-Malware Security and Brute-Force Firewall < 4.21.83 - Reflected Cross-Site Scripting — Anti-Malware Security and Brute-Force FirewallCWE-79 6.1 -2022-08-29
CVE-2022-2638 Export All URLs < 4.4 - Admin+ Arbitrary System File Removal — Export All URLsCWE-73 6.5 -2022-08-29
CVE-2022-2374 Simply Schedule Appointments < 1.5.7.7 - Admin+ Stored Cross-Site Scripting — Simply Schedule Appointments – WordPress Booking PluginCWE-79 4.8 -2022-08-29
CVE-2022-2537 WooCommerce PDF Invoices & Packing Slips < 3.0.1 - Reflected Cross-Site Scripting — WooCommerce PDF Invoices & Packing SlipsCWE-79 6.1 -2022-08-29
CVE-2022-2538 WP Hide & Security Enhancer < 1.8 - Reflected Cross-Site Scripting — WP Hide & Security EnhancerCWE-79 6.1 -2022-08-29
CVE-2022-2556 MailChimp for Woocommerce < 2.7.2 - Admin+ SSRF — Mailchimp for WooCommerceCWE-918 2.7 -2022-08-29
CVE-2022-2559 Fluent Support < 1.5.8 - Admin+ SQLi — Fluent Support – WordPress Helpdesk and Customer Support Ticket PluginCWE-89 7.2 -2022-08-29

This page lists every published CVE security advisory associated with Unknown. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.