Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

unknown — Vulnerabilities & Security Advisories 4143

Browse all 4143 CVE security advisories affecting unknown. AI-powered Chinese analysis, POCs, and references for each vulnerability.

“Unknown” represents a broad category of unclassified or poorly documented software components, currently associated with 4,141 recorded CVEs. These vulnerabilities typically stem from legacy architectures or proprietary systems lacking transparent security audits. Common flaw classes include remote code execution, cross-site scripting, and privilege escalation, often resulting from inadequate input validation or hardcoded credentials. Due to the opaque nature of these products, detailed security characteristics are frequently absent, making risk assessment difficult for organizations. Major incidents involving “Unknown” entities often highlight systemic failures in patch management and vendor accountability. The sheer volume of vulnerabilities suggests widespread reliance on unsupported or obscure technologies within critical infrastructure. Addressing these risks requires rigorous inventory management and proactive threat hunting, as standard mitigation strategies may not apply to such undefined software ecosystems.

Top products by unknown: Contest Gallery Download Manager EventON Tutor LMS – eLearning and online course solution Modern Events Calendar Lite AI ChatBot wp-eMember Logo Slider Welcart e-Commerce Elementor Website Builder Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress Photo Gallery by 10Web Booster for WooCommerce Form Maker by 10Web Yi Technology wp-affiliate-platform wp-cart-for-digital-products Autoptimize Simple Download Monitor MapPress Maps for WordPress Salon booking system VikBooking Hotel Booking Engine & PMS WPQA Builder Frontend File Manager Plugin Photo Gallery by 10Web – Mobile-Friendly Image Gallery EventPrime Popup box WP MultiTasking wpb-show-core Transposh WordPress Translation
CVE IDTitleCVSSSeverityPublished
CVE-2023-5652 WP Hotel Booking < 2.0.8 - Unauthenticated SQLi — WP Hotel Booking 9.8AICriticalAI2023-11-20
CVE-2023-4799 Magic Embeds < 3.1.2 - Contributor+ Stored XSS via shortcode — Magic Embeds 5.4AIMediumAI2023-11-20
CVE-2023-4808 WP Post Popup <= 3.7.3 - Admin+ Stored XSS — WP Post Popup 4.8AIMediumAI2023-11-20
CVE-2023-4824 WooHoo Newspaper Magazine Theme <= 2.5.3 - Settings Update via CSRF — Woohoo 6.5AIMediumAI2023-11-20
CVE-2023-5140 Bonus for Woo < 5.8.3 - Reflected Cross-Site Scripting — Bonus for Woo 6.1AIMediumAI2023-11-20
CVE-2023-4970 PubyDoc <= 2.0.6 - Admin+ Stored XSS — PubyDoc 4.8AIMediumAI2023-11-20
CVE-2023-5340 Five Star Restaurant Menu and Food Ordering < 2.4.11 - Unauthenticated PHP Object Injection — Five Star Restaurant Menu and Food Ordering 9.8AICriticalAI2023-11-20
CVE-2023-5605 URL Shortify < 1.7.9.1 - Admin+ Stored XSS — URL Shortify 4.8 -2023-11-06
CVE-2023-5355 Awesome Support < 6.1.5 - Submitter+ Arbitrary File Deletion — Awesome Support 8.1 -2023-11-06
CVE-2023-5601 WooCommerce Ninja Forms Product Add-ons < 1.7.1 - Unauthenticated Arbitrary File Upload — WooCommerce Ninja Forms Product Add-ons 9.8 -2023-11-06
CVE-2023-5530 Ninja Forms < 3.6.34 - Admin+ Stored XSS — Ninja Forms Contact Form 4.8 -2023-11-06
CVE-2023-5181 WP Discord Invite < 2.5.2 - Admin+ Stored Cross Site Scripting — WP Discord Invite 4.8 -2023-11-06
CVE-2023-4858 WP Simple Table Manager Plugin <= 1.5.6 - Admin+ Stored Cross-Site Scripting — Simple Table Manager 4.8 -2023-11-06
CVE-2023-4810 Responsive Pricing Table < 5.1.8 - Admin+ Stored Cross-Site Scriping — Responsive Pricing Table 4.8 -2023-11-06
CVE-2023-4930 Front End PM < 11.4.3 - Sensitive Data Exposure via Directory Listing — Front End PM 7.5 -2023-11-06
CVE-2023-5352 Awesome Support < 6.1.5 - Insufficient permission check in wpas_edit_reply — Awesome Support 4.3 -2023-11-06
CVE-2023-5228 User Registration < 3.0.4.2 - Admin+ Stored XSS — User Registration 4.8 -2023-11-06
CVE-2023-5082 History Log by click5 < 1.0.13 - Admin+ Time-Based Blind SQL Injection — History Log by click5 7.2 -2023-11-06
CVE-2023-5354 Awesome Support < 6.1.5 - Reflected Cross-Site Scripting — Awesome Support 6.1 -2023-11-06
CVE-2023-5454 Templately < 2.2.6 - Arbitrary post trashing via Missing Authorization — Templately 7.5 -2023-11-06
CVE-2023-4250 EventPrime < 3.2.0 - Reflected XSS — EventPrime 6.1 -2023-10-31
CVE-2023-5211 Fattura24 < 6.2.8 - Reflected Cross-Site Scripting — Fattura24 6.1 -2023-10-31
CVE-2023-4836 WordPress File Sharing Plugin < 2.0.5 - Subscriber+ Sensitive Data and Files Exposure via IDOR — WordPress File Sharing Plugin 5.3 -2023-10-31
CVE-2023-4251 EventPrime < 3.2.0 - Booking Creation via CSRF — EventPrime 4.3 -2023-10-31
CVE-2023-5237 Memberlite Shortcodes < 1.3.9 - Contributor+ Stored XSS via Shortcode — Memberlite Shortcodes 5.4 -2023-10-31
CVE-2023-4390 Popup box < 3.7.2 - Admin+ Stored Cross-Site Scripting — Popup box 4.8 -2023-10-31
CVE-2023-5519 EventPrime < 3.2.0 - Booking Creation via CSRF — EventPrime 4.3 -2023-10-31
CVE-2023-5238 EventPrime < 3.2.0 - Reflected HTML Injection on keyword parameter — EventPrime 6.1 -2023-10-31
CVE-2023-5098 Campaign Monitor Forms < 2.5.6 - Subscriber+ Arbitrary Options Update — Campaign Monitor Forms by Optin Cat 7.1 -2023-10-31
CVE-2023-4823 WP Meta and Date Remover < 2.2.0 - Subscriber+ Stored XSS — WP Meta and Date Remover 5.4 -2023-10-31

This page lists every published CVE security advisory associated with unknown. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.