Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

unknown — Vulnerabilities & Security Advisories 4143

Browse all 4143 CVE security advisories affecting unknown. AI-powered Chinese analysis, POCs, and references for each vulnerability.

“Unknown” represents a broad category of unclassified or poorly documented software components, currently associated with 4,141 recorded CVEs. These vulnerabilities typically stem from legacy architectures or proprietary systems lacking transparent security audits. Common flaw classes include remote code execution, cross-site scripting, and privilege escalation, often resulting from inadequate input validation or hardcoded credentials. Due to the opaque nature of these products, detailed security characteristics are frequently absent, making risk assessment difficult for organizations. Major incidents involving “Unknown” entities often highlight systemic failures in patch management and vendor accountability. The sheer volume of vulnerabilities suggests widespread reliance on unsupported or obscure technologies within critical infrastructure. Addressing these risks requires rigorous inventory management and proactive threat hunting, as standard mitigation strategies may not apply to such undefined software ecosystems.

Top products by unknown: Contest Gallery Download Manager EventON Tutor LMS – eLearning and online course solution Modern Events Calendar Lite AI ChatBot wp-eMember Logo Slider Welcart e-Commerce Elementor Website Builder Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress Photo Gallery by 10Web Booster for WooCommerce Form Maker by 10Web Yi Technology wp-affiliate-platform wp-cart-for-digital-products Autoptimize Simple Download Monitor MapPress Maps for WordPress Salon booking system VikBooking Hotel Booking Engine & PMS WPQA Builder Frontend File Manager Plugin Photo Gallery by 10Web – Mobile-Friendly Image Gallery EventPrime Popup box WP MultiTasking wpb-show-core Transposh WordPress Translation
CVE IDTitleCVSSSeverityPublished
CVE-2024-9882 Salon Booking System < 10.9.4 - Admin+ Stored XSS — Salon Booking System, Appointment Scheduling for Salons, Spas & Small Businesses 4.8AIMediumAI2025-05-15
CVE-2025-0329 AI ChatBot for WordPress – WPBot < 6.2.4 - Admin+ Stored XSS — AI ChatBot for WordPress 4.8AIMediumAI2025-05-15
CVE-2024-9879 Website File Changes < 2.1.1 - Authenticated SQL Injection — Melapress File Monitor 7.2AIHighAI2025-05-15
CVE-2024-9838 Auto Affiliate Links < 6.4.7 - Admin+ SQL Injection — Auto Affiliate Links 7.2AIHighAI2025-05-15
CVE-2024-9831 Taskbuilder < 3.0.9 - Admin+ SQL Injection — Taskbuilder 7.2AIHighAI2025-05-15
CVE-2024-9709 EKC Tournament Manager < 2.2.2 - Create Tournaments/Teams via CSRF — EKC Tournament Manager 4.3AIMediumAI2025-05-15
CVE-2024-9765 EKC Tournament Manager < 2.2.2 - Local File Download Vulnerability — EKC Tournament Manager 4.9AIMediumAI2025-05-15
CVE-2024-9711 EKC Tournament Manager < 2.2.2 - Delete Tournaments via CSRF — EKC Tournament Manager 4.3AIMediumAI2025-05-15
CVE-2024-9663 CYAN Backup < 2.5.3 - Admin+ Stored XSS via Remote Storage Settings — CYAN Backup 4.8AIMediumAI2025-05-15
CVE-2024-9662 CYAN Backup < 2.5.3 - Admin+ Stored XSS via General Settings — CYAN Backup 4.8AIMediumAI2025-05-15
CVE-2024-9599 Popup Box < 4.7.8 - Admin+ Stored XSS — Popup Box 4.8AIMediumAI2025-05-15
CVE-2024-9645 Post Grid and Gutenberg Blocks < 2.2.93 - Contributor+ Stored XSS — Post Grid, Posts Slider, Posts Carousel, Post Filter, Post Masonry 5.4AIMediumAI2025-05-15
CVE-2024-9238 AVIF & SVG Uploader <= 1.1.0 - Author+ Stored XSS via SVG Uplaod — AVIF Uploader 5.4AIMediumAI2025-05-15
CVE-2024-9390 RegistrationMagic < 6.0.2.1 - Stored XSS — RegistrationMagic 4.8AIMediumAI2025-05-15
CVE-2024-9450 Free Booking Plugin for Hotels, Restaurants and Car Rentals – eaSYNC Booking < 1.3.15 - Subscriber+ PayPal Settings Update — Free Booking Plugin for Hotels, Restaurants and Car Rentals 4.3AIMediumAI2025-05-15
CVE-2024-9236 Team Members Showcase < 4.4.2 - Editor+ Stored XSS — Team 4.8AIMediumAI2025-05-15
CVE-2024-9182 Maspik - Advanced Spam protection < 2.1.3 - Admin+ Stored XSS — Maspik 4.8AIMediumAI2025-05-15
CVE-2024-9227 PowerPress Podcasting < 11.9.18 - Author+ XSS — PowerPress Podcasting plugin by Blubrry 4.8AIMediumAI2025-05-15
CVE-2024-9233 GS Logo Slider < 3.7.1 - Settings Update via Cross-Site Request Forgery — Logo Slider 4.3AIMediumAI2025-05-15
CVE-2024-8851 Polls CP <= 1.0.75 - Admin+ Stored Cross-Site Scripting — Polls CP 4.8AIMediumAI2025-05-15
CVE-2024-8759 Nested Pages <= 3.2.8 - Editor+ Stored XSS — Nested Pages 4.8AIMediumAI2025-05-15
CVE-2024-8703 Z-Downloads < 1.11.6 - Unauthenticated Stored XSS — Z-Downloads 6.1AIMediumAI2025-05-15
CVE-2024-8854 Polls CP <= 1.0.75 - Admin+ Stored XSS via Custom Styles — Polls CP 4.8AIMediumAI2025-05-15
CVE-2024-8701 Event Calendar <= 1.0.4 - Admin+ Stored XSS — events-calendar 4.8AIMediumAI2025-05-15
CVE-2024-8700 Event Calendar <= 1.0.4 - Unauthenticated Arbitrary Calendar Deletion — Event Calendar 7.5AIHighAI2025-05-15
CVE-2024-8699 Z-Downloads < 1.11.5 - Admin+ Arbitrary File Upload — Z-Downloads 7.2AIHighAI2025-05-15
CVE-2024-8702 Backup Database <= 4.9 - Admin+ Stored XSS — Backup Database 4.8AIMediumAI2025-05-15
CVE-2024-8670 Photo Gallery by 10Web < 1.8.29 - Admin+ Stored XSS — Photo Gallery by 10Web 4.8AIMediumAI2025-05-15
CVE-2024-8619 Ajax Search Lite <= 4.12.2 - Admin+ Stored XSS — Ajax Search Lite 4.8AIMediumAI2025-05-15
CVE-2024-8673 Z-Downloads < 1.11.7 - Admin+ Stored XSS via SVG Upload — Z-Downloads 9.0AICriticalAI2025-05-15

This page lists every published CVE security advisory associated with unknown. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.