Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

unknown — Vulnerabilities & Security Advisories 4143

Browse all 4143 CVE security advisories affecting unknown. AI-powered Chinese analysis, POCs, and references for each vulnerability.

“Unknown” represents a broad category of unclassified or poorly documented software components, currently associated with 4,141 recorded CVEs. These vulnerabilities typically stem from legacy architectures or proprietary systems lacking transparent security audits. Common flaw classes include remote code execution, cross-site scripting, and privilege escalation, often resulting from inadequate input validation or hardcoded credentials. Due to the opaque nature of these products, detailed security characteristics are frequently absent, making risk assessment difficult for organizations. Major incidents involving “Unknown” entities often highlight systemic failures in patch management and vendor accountability. The sheer volume of vulnerabilities suggests widespread reliance on unsupported or obscure technologies within critical infrastructure. Addressing these risks requires rigorous inventory management and proactive threat hunting, as standard mitigation strategies may not apply to such undefined software ecosystems.

Top products by unknown: Contest Gallery Download Manager EventON Tutor LMS – eLearning and online course solution Modern Events Calendar Lite AI ChatBot wp-eMember Logo Slider Welcart e-Commerce Elementor Website Builder Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress Photo Gallery by 10Web Booster for WooCommerce Form Maker by 10Web Yi Technology wp-affiliate-platform wp-cart-for-digital-products Autoptimize Simple Download Monitor MapPress Maps for WordPress Salon booking system VikBooking Hotel Booking Engine & PMS WPQA Builder Frontend File Manager Plugin Photo Gallery by 10Web – Mobile-Friendly Image Gallery EventPrime Popup box WP MultiTasking wpb-show-core Transposh WordPress Translation
CVE IDTitleCVSSSeverityPublished
CVE-2022-4872 WooCommerce Chained Products < 2.12.0 - Unauthenticated Arbitrary Options Update to 'no' — Chained Products 4.3 -2023-01-30
CVE-2023-0071 WP Tabs < 2.1.17 - Contributor+ Stored XSS — WP Tabs 5.4 -2023-01-30
CVE-2022-4794 AAWP < 3.12.3 - Unsafe URL Handling — AAWP 7.5 -2023-01-30
CVE-2022-4828 Bold Timeline Lite < 1.1.5 - Contributor+ Stored XSS via Shortcode — Bold Timeline Lite 5.4 -2023-01-30
CVE-2022-4306 Panda Pods Repeater Field < 1.5.4 - Reflected XSS — Panda Pods Repeater Field 5.4 -2023-01-30
CVE-2022-4776 CC Child Pages < 1.43 - Contributor+ Stored XSS via Shortcode — CC Child Pages 5.4 -2023-01-30
CVE-2022-0316 Multiple themes - Unauthenticated Arbitrary File Upload — WeStand 9.8 -2023-01-23
CVE-2022-4775 GeoDirectory < 2.2.22 - Contributor+ Stored XSS via Shortcode — GeoDirectory 5.4 -2023-01-23
CVE-2022-4718 Landing Page Builder < 1.4.9.9 - Contributor+ Cross-Site Scripting via Shortcode — Landing Page Builder 5.4 -2023-01-23
CVE-2021-24837 Passster < 3.5.5.8 - Contributor+ Stored Cross-Site Scripting — Passster 5.4 -2023-01-23
CVE-2022-4542 Compact WP Audio Player < 1.9.8 - Contributor+ Stored XSS — Compact WP Audio Player 5.4 -2023-01-23
CVE-2022-4485 Page-list < 5.3 - Contributor+ Stored XSS — Page-list 5.4 -2023-01-23
CVE-2022-4305 Login as User or Customer < 3.3 - Unauthenticated Privilege Escalation to Admin — Login as User or Customer 9.8 -2023-01-23
CVE-2022-4650 HashBar – WordPress Notification Bar < 1.3.6 - Contributor+ Stored XSS via Shortcode — HashBar 5.4 -2023-01-23
CVE-2022-4715 Structured Content < 1.5.1 - Contributor+ Stored XSS in Shortcode — Structured Content (JSON-LD) #wpsc 5.4 -2023-01-23
CVE-2022-4017 Booster for WooCommerce - Multiple CSRF — Booster for WooCommerce 8.8 -2023-01-23
CVE-2022-4693 User Verification < 1.0.94 - Authentication Bypass — User Verification 9.8 -2023-01-23
CVE-2022-4758 10WebMapBuilder < 1.0.72 - Contributor+ Stored XSS via Shortcode — 10WebMapBuilder 5.4 -2023-01-23
CVE-2022-4467 Search & Filter < 1.2.16 - Contributor+ Stored XSS — Search & Filter 5.4 -2023-01-23
CVE-2022-4627 ShiftNav – Responsive Mobile Menu < 1.7.2 - Contributor+ Stored XSS in Shortcode — ShiftNav 5.4 -2023-01-23
CVE-2022-4303 WP Limit Login Attempts <= 2.6.4 - IP Spoofing — WP Limit Login Attempts 7.5 -2023-01-23
CVE-2022-4790 WP Google My Business Auto Publish < 3.4 - Contributor+ Stored XSS via Shortcode — WP Google My Business Auto Publish 5.4 -2023-01-23
CVE-2022-4753 Print-O-Matic < 2.1.8 - Contributor+ Stored XSS via Shortcode — Print-O-Matic 5.4 -2023-01-23
CVE-2022-4323 Google Analyticator < 6.5.6 - Admin+ PHP Object Injection — Analyticator 7.2 -2023-01-23
CVE-2022-4548 Optimize images ALT Text (alt tag) & names for SEO using AI < 2.0.8 - Settings Update via CSRF — Optimize images ALT Text (alt tag) & names for SEO using AI 6.5 -2023-01-23
CVE-2022-4509 Content Control < 1.1.10 - Contributor+ Stored XSS — Content Control 5.4 -2023-01-23
CVE-2022-3425 Google Analyticator < 6.5.6 - Admin+ PHP Object Injection — Analyticator 7.2 -2023-01-23
CVE-2022-4230 WP Statistics < 13.2.9 - Authenticated SQLi — WP Statistics 8.8 -2023-01-23
CVE-2022-4545 Sitemap < 4.4 - Contributor+ Stored XSS — Sitemap 5.4 -2023-01-23
CVE-2022-4706 Genesis Columns Advanced < 2.0.4 - Contributor+ Stored XSS via Shortcode — Genesis Columns Advanced 5.4 -2023-01-23

This page lists every published CVE security advisory associated with unknown. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.