Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

unknown — Vulnerabilities & Security Advisories 4148

Browse all 4148 CVE security advisories affecting unknown. AI-powered Chinese analysis, POCs, and references for each vulnerability.

“Unknown” represents a broad category of unclassified or poorly documented software components, currently associated with 4,141 recorded CVEs. These vulnerabilities typically stem from legacy architectures or proprietary systems lacking transparent security audits. Common flaw classes include remote code execution, cross-site scripting, and privilege escalation, often resulting from inadequate input validation or hardcoded credentials. Due to the opaque nature of these products, detailed security characteristics are frequently absent, making risk assessment difficult for organizations. Major incidents involving “Unknown” entities often highlight systemic failures in patch management and vendor accountability. The sheer volume of vulnerabilities suggests widespread reliance on unsupported or obscure technologies within critical infrastructure. Addressing these risks requires rigorous inventory management and proactive threat hunting, as standard mitigation strategies may not apply to such undefined software ecosystems.

Top products by unknown: Contest Gallery Download Manager EventON Tutor LMS – eLearning and online course solution Modern Events Calendar Lite AI ChatBot wp-eMember Logo Slider Welcart e-Commerce Elementor Website Builder Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress Photo Gallery by 10Web Booster for WooCommerce Autoptimize Form Maker by 10Web wp-affiliate-platform wp-cart-for-digital-products Yi Technology WPQA Builder Simple Download Monitor Salon booking system MapPress Maps for WordPress Photo Gallery by 10Web – Mobile-Friendly Image Gallery Frontend File Manager Plugin Popup box EventPrime VikBooking Hotel Booking Engine & PMS WP MultiTasking GiveWP – Donation Plugin and Fundraising Platform Ditty
CVE IDTitleCVSSSeverityPublished
CVE-2021-24670 CoolClock < 4.3.5 - Contributor+ Stored Cross-Site Scripting — CoolClock – a Javascript Analog ClockCWE-79 5.4 -2021-09-27
CVE-2021-24666 Podlove Podcast Publisher < 3.5.6 - Unauthenticated SQL Injection — Podlove Podcast PublisherCWE-89 9.8 -2021-09-27
CVE-2021-24661 PostX Gutenberg Blocks Saved Templates Addon < 2.4.10 - Private Content Disclosure — PostX – Gutenberg Blocks for Post GridCWE-200 4.3 -2021-09-27
CVE-2021-24660 PostX Gutenberg Blocks Saved Templates Addon < 2.4.10 - Contributor+ Stored Cross-Site Scripting — PostX – Gutenberg Blocks for Post GridCWE-79 5.4 -2021-09-27
CVE-2021-24659 PostX Gutenberg Blocks for Post Grid < 2.4.10 - Contributor+ Stored Cross-Site Scripting — PostX – Gutenberg Blocks for Post GridCWE-79 5.4 -2021-09-27
CVE-2021-24652 PostX Gutenberg Blocks for Post Grid < 2.4.10 - Missing Access Controls — PostX – Gutenberg Blocks for Post GridCWE-863 6.5 -2021-09-27
CVE-2021-24643 WP Map Block < 1.2.3 - Contributor+ Stored Cross-Site Scripting — WP Map Block – Gutenberg Map Block for Google Map and OpenStreet MapCWE-79 5.4 -2021-09-27
CVE-2021-24634 Recipe Card Blocks < 2.8.3 - Contributor+ Stored Cross-Site Scripting — Recipe Card Blocks by WPZOOMCWE-79 5.4 -2021-09-27
CVE-2021-24633 Countdown Block < 1.1.2 - Missing Authorisation in AJAX action — Countdown BlockCWE-862 4.3 -2021-09-27
CVE-2021-24632 Recipe Card Blocks < 2.8.1 - Reflected Cross-Site Scripting — Recipe Card Blocks by WPZOOMCWE-79 6.1 -2021-09-27
CVE-2021-24610 TranslatePress < 2.0.9 - Authenticated Stored Cross-Site Scripting — Translate Multilingual sites – TranslatePressCWE-79 5.4 -2021-09-27
CVE-2021-24569 Cookie Notice & Compliance for GDPR / CCPA < 2.1.2 - Admin+ Stored Cross-Site Scripting — Cookie Notice & Compliance for GDPR / CCPACWE-79 4.8 -2021-09-27
CVE-2021-24741 Support Board < 3.3.4 - Multiple Unauthenticated SQL Injections — Support BoardCWE-89 9.8 -2021-09-20
CVE-2021-24663 Simple School Staff Directory <= 1.1 - Admin+ Arbitrary File Upload — Simple Schools Staff DirectoryCWE-434 7.2 -2021-09-20
CVE-2021-24657 Limit Login Attempts < 4.0.50 - Unauthenticated Stored Cross-Site Scripting — Limit Login AttemptsCWE-79 6.1 -2021-09-20
CVE-2021-24640 Gutenslider < 5.2.0 - Contributor+ Stored XSS — WordPress Slider Block GutensliderCWE-79 5.4 -2021-09-20
CVE-2021-24639 OMGF < 4.5.4 - Subscriber+ Arbitrary File/Folder Deletion — OMGF | Host Google Fonts LocallyCWE-862 8.1 -2021-09-20
CVE-2021-24638 OMGF < 4.5.4 - Unauthenticated Path Traversal in REST API — OMGF | Host Google Fonts LocallyCWE-22 9.1 -2021-09-20
CVE-2021-24637 Fonts Plugin < 3.0.3 - Contributor+ Stored Cross-Site Scripting — Fonts Plugin | Google Fonts TypographyCWE-79 5.4 -2021-09-20
CVE-2021-24636 Print My Blog < 3.4.2 - Plugin Deactivation via CSRF — Print My Blog – Print, PDF, & eBook Converter WordPress PluginCWE-352 8.1 -2021-09-20
CVE-2021-24635 Visual Link Preview < 2.2.3 - Unauthorised AJAX Calls — Visual Link PreviewCWE-284 5.4 -2021-09-20
CVE-2021-24618 Donate With QRCode < 1.4.5 - Stored Cross-Site Scripting — Donate With QRCodeCWE-79 5.4 -2021-09-20
CVE-2021-24613 Post Views Counter < 1.3.5 - Authenticated Stored XSS — Post Views CounterCWE-79 4.8 -2021-09-20
CVE-2021-24609 WP Mapa Politico Espana < 3.7.0- Authenticated Stored XSS — WP Mapa Politico EspañaCWE-79 4.8 -2021-09-20
CVE-2021-24606 Availability Calendar < 1.2.1 - Authenticated SQL Injection — Availability CalendarCWE-89 8.8 -2021-09-20
CVE-2021-24604 Availability Calendar < 1.2.2 - Authenticated Stored Cross-Site Scripting — Availability CalendarCWE-79 4.8 -2021-09-20
CVE-2021-24600 WP Dialog <= 1.2.5.5 - Authenticated Stored Cross-Site Scripting — WP DialogCWE-79 4.8 -2021-09-20
CVE-2021-24597 You Shang <= 1.0.1 - Authenticated Stored Cross-Site Scripting — 有赏 You ShangCWE-79 5.4 -2021-09-20
CVE-2021-24596 youForms for WordPress <= 1.0.5 - Authenticated Stored Cross-Site Scripting — youForms for WordPress – Creating Forms for CopeCartCWE-79 4.8 -2021-09-20
CVE-2021-24587 Splash Header < 1.20.8 - Authenticated Stored Cross-Site Scripting (XSS) — Splash HeaderCWE-79 5.4 -2021-09-20

This page lists every published CVE security advisory associated with unknown. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.