Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

unknown — Vulnerabilities & Security Advisories 4148

Browse all 4148 CVE security advisories affecting unknown. AI-powered Chinese analysis, POCs, and references for each vulnerability.

“Unknown” represents a broad category of unclassified or poorly documented software components, currently associated with 4,141 recorded CVEs. These vulnerabilities typically stem from legacy architectures or proprietary systems lacking transparent security audits. Common flaw classes include remote code execution, cross-site scripting, and privilege escalation, often resulting from inadequate input validation or hardcoded credentials. Due to the opaque nature of these products, detailed security characteristics are frequently absent, making risk assessment difficult for organizations. Major incidents involving “Unknown” entities often highlight systemic failures in patch management and vendor accountability. The sheer volume of vulnerabilities suggests widespread reliance on unsupported or obscure technologies within critical infrastructure. Addressing these risks requires rigorous inventory management and proactive threat hunting, as standard mitigation strategies may not apply to such undefined software ecosystems.

Top products by unknown: Contest Gallery Download Manager EventON Tutor LMS – eLearning and online course solution Modern Events Calendar Lite AI ChatBot wp-eMember Logo Slider Welcart e-Commerce Elementor Website Builder Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress Photo Gallery by 10Web Booster for WooCommerce Autoptimize Form Maker by 10Web wp-affiliate-platform wp-cart-for-digital-products Yi Technology WPQA Builder Simple Download Monitor Salon booking system MapPress Maps for WordPress Photo Gallery by 10Web – Mobile-Friendly Image Gallery Frontend File Manager Plugin Popup box EventPrime VikBooking Hotel Booking Engine & PMS WP MultiTasking GiveWP – Donation Plugin and Fundraising Platform Ditty
CVE IDTitleCVSSSeverityPublished
CVE-2022-4265 Replyable < 2.2.10 - Subscriber+ PHP Object Injection — Replyable 8.1 -2023-03-06
CVE-2023-0328 WPCode < 2.0.7 - Contributor+ WPCode Library Auth Key Update/Deletion — WPCode 4.3 -2023-03-06
CVE-2023-0076 Download Attachments < 1.3 - Contributor+ Stored XSS — Download Attachments 5.4 -2023-03-06
CVE-2023-0331 Correos Oficial <= 1.2.0.2 - Unauthenticated Arbitrary File Download — Correos Oficial 7.5 -2023-02-27
CVE-2023-0043 Custom Add User <= 2.0.2 - Reflected Cross-Site Scripting — Custom Add User 6.1 -2023-02-27
CVE-2023-0278 GeoDirectory < 2.2.24 - Admin+ SQLi — GeoDirectory 7.2 -2023-02-27
CVE-2023-0487 My Sticky Elements < 2.0.9 - Admin+ SQLi — All-in-one Floating Contact Form, Call, Chat, and 50+ Social Icon Tabs 7.2 -2023-02-27
CVE-2023-0279 Media Library Assistant < 3.06 - Admin+ SQLi — Media Library Assistant 7.2 -2023-02-27
CVE-2023-0535 Donation Block For PayPal < 2.1.0 - Contributor+ Stored XSS — Donation Block For PayPal 5.4 -2023-02-27
CVE-2022-4550 User Activity <= 1.0.1 - IP Spoofing — User Activity 7.5 -2023-02-27
CVE-2022-4679 Wufoo Shortcode < 1.52 - Contributor+ Stored XSS via Shortcode — Wufoo Shortcode 5.4 -2023-02-27
CVE-2023-0539 GS Insever Portfolio < 1.4.5 - Contributor+ Stored XSS — GS Insever Portfolio 5.4 -2023-02-27
CVE-2022-4788 Embed PDF <= 1.0.6 - Contributor+ Stored XSS via Shortcode — Embed PDF 5.4 -2023-02-27
CVE-2023-0543 Arigato Autoresponder and Newsletter < 2.1.7.2 - Admin+ Stored XSS — Arigato Autoresponder and Newsletter 4.8 -2023-02-27
CVE-2023-0168 Olevmedia Shortcodes <= 1.1.9 - Contributor+ Stored XSS — Olevmedia Shortcodes 5.4 -2023-02-27
CVE-2023-0381 GigPress <= 2.3.28 - Subscriber+ SQLi — GigPress 8.8 -2023-02-27
CVE-2023-0552 Pie Register < 3.8.2.3 - Open Redirect — Registration Forms 5.4 -2023-02-27
CVE-2022-4757 List Pages Shortcode < 1.7.6 - Contributor+ Stored XSS via Shortcode — List Pages Shortcode 5.4 -2023-02-27
CVE-2022-4829 Show-Hide / Collapse-Expand < 1.3.0 - Contributor+ Stored XSS via Shortcode — Show-Hide / Collapse-Expand 5.4 -2023-02-27
CVE-2022-4795 Galleries by Angie Makes <= 1.67 - Contributor+ Stored XSS via Shortcode — Galleries by Angie Makes 5.4 -2023-02-27
CVE-2023-0548 Namaste! LMS < 2.5.9.4 - Admin+ Stored XSS — Namaste! LMS 4.8 -2023-02-27
CVE-2023-0230 VK All in One Expansion Unit < 9.86.0.0 - Contributor+ Stored XSS — VK All in One Expansion Unit 5.4 -2023-02-27
CVE-2023-0334 ShortPixel Adaptive Images < 3.6.3 - Reflected XSS — ShortPixel Adaptive Images 6.1 -2023-02-27
CVE-2023-0442 Loan Comparison < 1.5.2 - Reflected XSS via shortcode — Loan Comparison 6.1 -2023-02-21
CVE-2022-4714 WP Dark Mode < 4.0.0 - Contributor+ Stored XSS in Shortcode — WP Dark Mode 5.4 -2023-02-21
CVE-2023-0419 Shortcode for Font Awesome < 1.4.1 - Contributor+ Stored XSS — Shortcode for Font Awesome 5.4 -2023-02-21
CVE-2022-4754 Easy Social Box <= 4.1.2 - Contributor+ Stored XSS via Shortcode — Easy Social Box / Page Plugin 5.4 -2023-02-21
CVE-2022-4386 Intuitive Custom Post Order < 3.1.4 - Arbitrary Menu Order Update via CSRF — Intuitive Custom Post Order 4.3 -2023-02-21
CVE-2023-0232 ShopLentor < 2.5.4 - PHP Object Injection — ShopLentor 9.8 -2023-02-21
CVE-2023-0059 Youzify < 1.2.2 - Contributor+ Stored XSS — Youzify 5.4 -2023-02-21

This page lists every published CVE security advisory associated with unknown. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.