Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

unknown — Vulnerabilities & Security Advisories 4143

Browse all 4143 CVE security advisories affecting unknown. AI-powered Chinese analysis, POCs, and references for each vulnerability.

“Unknown” represents a broad category of unclassified or poorly documented software components, currently associated with 4,141 recorded CVEs. These vulnerabilities typically stem from legacy architectures or proprietary systems lacking transparent security audits. Common flaw classes include remote code execution, cross-site scripting, and privilege escalation, often resulting from inadequate input validation or hardcoded credentials. Due to the opaque nature of these products, detailed security characteristics are frequently absent, making risk assessment difficult for organizations. Major incidents involving “Unknown” entities often highlight systemic failures in patch management and vendor accountability. The sheer volume of vulnerabilities suggests widespread reliance on unsupported or obscure technologies within critical infrastructure. Addressing these risks requires rigorous inventory management and proactive threat hunting, as standard mitigation strategies may not apply to such undefined software ecosystems.

Top products by unknown: Contest Gallery Download Manager EventON Tutor LMS – eLearning and online course solution Modern Events Calendar Lite AI ChatBot wp-eMember Logo Slider Welcart e-Commerce Elementor Website Builder Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress Photo Gallery by 10Web Booster for WooCommerce Form Maker by 10Web Yi Technology wp-affiliate-platform wp-cart-for-digital-products Autoptimize Simple Download Monitor MapPress Maps for WordPress Salon booking system VikBooking Hotel Booking Engine & PMS WPQA Builder Frontend File Manager Plugin Photo Gallery by 10Web – Mobile-Friendly Image Gallery EventPrime Popup box WP MultiTasking wpb-show-core Transposh WordPress Translation
CVE IDTitleCVSSSeverityPublished
CVE-2022-4824 WP Blog and Widget < 2.3.1 - Contributor+ Stored XSS via Shortcode — WP Blog and Widgets 5.4 -2023-02-06
CVE-2022-4577 Easy Testimonials < 3.9.3 - Contributor+ Stored XSS — Easy Testimonials 5.4 -2023-02-06
CVE-2023-0178 Annual Archive < 1.6.0 - Contributor+ Stored XSS — Annual Archive 5.4 -2023-02-06
CVE-2022-2546 All-in-One WP Migration < 7.63 - Unauthenticated Reflected XSS — All-in-One WP Migration 4.7 -2023-02-02
CVE-2022-4667 RSS Aggregator by Feedzy < 4.1.1 - Contributor+ Stored XSS — RSS Aggregator by Feedzy 5.4 -2023-01-30
CVE-2022-4671 PixCodes < 2.3.7 - Contributor+ Stored XSS in Shortcode — PixCodes 5.4 -2023-01-30
CVE-2022-4763 Icon Widget < 1.3.0 - Contributor+ Stored XSS via Shortcode — Icon Widget 5.4 -2023-01-30
CVE-2022-4470 Widgets for Google Reviews < 9.8 - Contributor+ Stored XSS — Widgets for Google Reviews 5.4 -2023-01-30
CVE-2022-4831 Custom User Profile Fields for User Registration & Member Frontend Profiles with Paid Memberships Pro < 1.8.1 - Contributor+ Stored XSS via Shortcode — Custom User Profile Fields for User Registration & Member Frontend Profiles with Paid Memberships Pro 5.4 -2023-01-30
CVE-2022-4651 Justified Gallery < 1.7.1 - Contributor+ Stored XSS via Shortcode — Justified Gallery 5.4 -2023-01-30
CVE-2023-0033 PDF Viewer < 1.0.0 - Contributor+ Stored XSS via Shortcode — PDF Viewer 5.4 -2023-01-30
CVE-2022-4781 Accordion Shortcodes <= 2.4.2 - Contributor+ Stored XSS via Shortcode — Accordion Shortcodes 5.4 -2023-01-30
CVE-2022-4552 FL3R FeelBox <= 8.1 - Settings Update via CSRF to Stored XSS — FL3R FeelBox 4.7 -2023-01-30
CVE-2022-4765 Portfolio for Elementor, Image Gallery & Post Grid | PowerFolio < 2.3.1 - Contributor+ Stored XSS via Shortcode — Portfolio for Elementor, Image Gallery & Post Grid | PowerFolio 5.4 -2023-01-30
CVE-2022-4749 Posts List Designer by Category < 3.2 - Contributor+ Stored XSS via Shortcode — Posts List Designer by Category 5.4 -2023-01-30
CVE-2022-4837 CPO Companion < 1.1.0 - Contributor+ Stored XSS via Shortcode — CPO Companion 5.4 -2023-01-30
CVE-2023-0097 Post Grid, Post Carousel, & List Category Posts < 2.4.19 - Contributor+ Stored XSS — Post Grid, Post Carousel, & List Category Posts 5.4 -2023-01-30
CVE-2022-4699 MediaElement.js – HTML5 Video & Audio Player <= 4.2.8 - Contributor+ Stored XSS via Shortcode — MediaElement.js 5.4 -2023-01-30
CVE-2023-0074 WP Social Widget < 2.2.4 - Contributor+ Stored XSS — WP Social Widget 5.4 -2023-01-30
CVE-2022-4787 Themify Shortcodes < 2.0.8 - Contributor+ Stored XSS via Shortcode — Themify Shortcodes 5.4 -2023-01-30
CVE-2022-4553 FL3R FeelBox <= 8.1 - Moods Reset via CSRF — FL3R FeelBox 4.3 -2023-01-30
CVE-2022-4680 Revive Old Posts – Social Media Auto Post and Scheduling Plugin < 9.0.11 - PHP Object Injection — Revive Old Posts 7.2 -2023-01-30
CVE-2022-4395 Membership For WooCommerce < 2.1.7 - Unauthenticated Arbitrary File Upload — Membership For WooCommerce 9.8 -2023-01-30
CVE-2022-4792 News & Blog Designer Pack < 3.3 - Contributor+ Stored XSS via Shortcode — News & Blog Designer Pack 5.4 -2023-01-30
CVE-2022-4835 Social Sharing Toolkit <= 2.6 - Contributor+ Stored XSS via Shortcode — Social Sharing Toolkit 5.4 -2023-01-30
CVE-2022-4793 Blog Designer – Post and Widget < 2.4.1 - Contributor+ Stored XSS via Shortcode — Blog Designer 5.4 -2023-01-30
CVE-2022-4834 CPT Bootstrap Carousel <= 1.12 - Contributor+ Stored XSS via Shortcode — CPT Bootstrap Carousel 5.4 -2023-01-30
CVE-2022-4654 Pricing Tables WordPress Plugin – Easy Pricing Tables < 3.2.3 - Contributor+ Stored XSS via Shortcode — Pricing Tables WordPress Plugin 5.4 -2023-01-30
CVE-2022-4649 WP Extended Search < 2.1.2 - Contributor+ Stored XSS via Shortcode — WP Extended Search 5.4 -2023-01-30
CVE-2022-4472 Simple Sitemap < 3.5.8 - Contributor+ Stored XSS — Simple Sitemap 5.4 -2023-01-30

This page lists every published CVE security advisory associated with unknown. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.