Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1110 CNY

100%
Buy Us a Coffee

unknown — Vulnerabilities & Security Advisories 4151

Browse all 4151 CVE security advisories affecting unknown. AI-powered Chinese analysis, POCs, and references for each vulnerability.

“Unknown” represents a broad category of unclassified or poorly documented software components, currently associated with 4,141 recorded CVEs. These vulnerabilities typically stem from legacy architectures or proprietary systems lacking transparent security audits. Common flaw classes include remote code execution, cross-site scripting, and privilege escalation, often resulting from inadequate input validation or hardcoded credentials. Due to the opaque nature of these products, detailed security characteristics are frequently absent, making risk assessment difficult for organizations. Major incidents involving “Unknown” entities often highlight systemic failures in patch management and vendor accountability. The sheer volume of vulnerabilities suggests widespread reliance on unsupported or obscure technologies within critical infrastructure. Addressing these risks requires rigorous inventory management and proactive threat hunting, as standard mitigation strategies may not apply to such undefined software ecosystems.

Top products by unknown: Contest Gallery Download Manager Tutor LMS – eLearning and online course solution Modern Events Calendar Lite EventON wp-eMember AI ChatBot Logo Slider Elementor Website Builder Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPress Welcart e-Commerce Photo Gallery by 10Web Autoptimize wp-affiliate-platform wp-cart-for-digital-products Form Maker by 10Web Booster for WooCommerce Yi Technology WPQA Builder VikBooking Hotel Booking Engine & PMS Frontend File Manager Plugin EventPrime Popup box WP MultiTasking Salon booking system Photo Gallery by 10Web – Mobile-Friendly Image Gallery Simple Download Monitor MapPress Maps for WordPress wpb-show-core Ninja Forms
CVE IDTitleCVSSSeverityPublished
CVE-2022-3489 WP Hide <= 0.0.2 - Unauthenticated Settings Update — Wp-HideCWE-862 5.3 -2022-11-07
CVE-2022-3494 Complianz (Free < 6.3.4, Premium < 6.3.6) - Translator SQLi — Complianz – GDPR/CCPA Cookie ConsentCWE-89 8.8 -2022-11-07
CVE-2022-3536 Role Based Pricing for WooCommerce < 1.6.3 - Subscriber+ PHAR Deserialization — Role Based Pricing for WooCommerceCWE-502 8.8 -2022-11-07
CVE-2022-3537 Role Based Pricing for WooCommerce < 1.6.2 - Subscriber+ Arbitrary File Upload — Role Based Pricing for WooCommerceCWE-434 8.8 -2022-11-07
CVE-2022-3558 Import and export users and customers < 1.20.5 - Subscriber+ CSV Injection — Import and export users and customersCWE-1236 8.0 -2022-11-07
CVE-2022-2167 Newspaper < 12 - Reflected Cross-Site Scripting — NewspaperCWE-79 6.1 -2022-10-31
CVE-2022-2190 Envira Gallery Lite < 1.8.4.7 - Reflected Cross-Site Scripting — Gallery Plugin for WordPress – Envira Photo GalleryCWE-79 6.1 -2022-10-31
CVE-2022-2627 Newspaper < 12 - Reflected Cross-Site Scripting — NewspaperCWE-79 6.1 -2022-10-31
CVE-2022-3096 WP Total Hacks <= 4.7.2 - Subscriber+ Arbitrary Options Update to Stored XSS — WP Total HacksCWE-862 5.4 -2022-10-31
CVE-2022-3237 WP Contact Slider < 2.4.8 - Admin+ Stored Cross-Site Scripting — WP Contact SliderCWE-79 4.8 -2022-10-31
CVE-2022-3254 AWP Classifieds Plugin < 4.3 - Unauthenticated SQLi — WordPress Classifieds Plugin – Ad Directory & Listings by AWP ClassifiedsCWE-89 9.8 -2022-10-31
CVE-2022-3334 Easy WP SMTP < 1.5.0 - Admin+ PHP Objection Injection — Easy WP SMTPCWE-502 7.2 -2022-10-31
CVE-2022-3357 Smart Slider 3 < 3.5.1.11 - PHP Object Injection — Smart Slider 3CWE-502 9.8 -2022-10-31
CVE-2022-3360 LearnPress < 4.1.7.2 - Unauthenticated PHP Object Injection via REST API — LearnPress – WordPress LMS PluginCWE-502 8.1 -2022-10-31
CVE-2022-3366 PublishPress Capabilities < 2.5.2 - Admin+ PHP Objection Injection — PublishPress Capabilities – User Role Access, Editor Permissions, Admin MenusCWE-502 7.2 -2022-10-31
CVE-2022-3374 Ocean Extra < 2.0.5 - Admin+ PHP Objection Injection — Ocean ExtraCWE-502 7.2 -2022-10-31
CVE-2022-3380 Customizer Export/Import < 0.9.5 - Admin+ PHP Objection Injection — Customizer Export/ImportCWE-502 7.2 -2022-10-31
CVE-2022-3408 WP Word Count <= 3.2.3 - Admin+ Stored Cross-Site Scripting — WP Word CountCWE-79 4.8 -2022-10-31
CVE-2022-3419 Automatic User Roles Switcher < 1.1.2 - Subscriber+ Privilege Escalation — Automatic User Roles SwitcherCWE-269 6.5 -2022-10-31
CVE-2022-3420 Official Integration for Billingo < 3.4.0 - ShopManager+ Stored XSS — Official Integration for BillingoCWE-79 4.8 -2022-10-31
CVE-2022-3440 Rock Convert < 2.6.0 - Reflected Cross-Site Scripting — Rock ConvertCWE-79 6.1 -2022-10-31
CVE-2022-3441 Rock Convert < 2.11.0 - Admin+ Stored Cross-Site Scripting — Rock ConvertCWE-79 4.8 -2022-10-31
CVE-2022-2762 AdminPad < 2.2 - Note Update via CSRF — AdminPadCWE-352 6.5 -2022-10-25
CVE-2022-3097 LBStopAttack < 1.1.3 - Arbitrary Settings Update via CSRF — Plugin LBstopattack 8.1 -2022-10-25
CVE-2022-3246 Blog2Social < 6.9.10 - Subscriber+ SQLi — Blog2Social: Social Media Auto Post & SchedulerCWE-89 8.8 -2022-10-25
CVE-2022-3247 Blog2Social < 6.9.10 - Subscriber+ SSRF — Blog2Social: Social Media Auto Post & SchedulerCWE-918 8.1 -2022-10-25
CVE-2022-3300 Form Maker by 10Web < 1.15.6 - Admin+ SQLI — Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form BuilderCWE-89 7.2 -2022-10-25
CVE-2022-3302 Anti-Spam by CleanTalk < 5.185.1 - Admin+ SQLi — Spam protection, AntiSpam, FireWall by CleanTalkCWE-89 7.2 -2022-10-25
CVE-2022-3335 Kadence WooCommerce Email Designer < 1.5.7 - Admin+ PHP Objection Injection — Kadence WooCommerce Email DesignerCWE-502 7.2 -2022-10-25
CVE-2022-3350 Contact Bank <= 3.0.30 - Admin+ Stored Cross-Site Scripting — Contact Bank – Contact Form Builder for WordPressCWE-79 4.8 -2022-10-25

This page lists every published CVE security advisory associated with unknown. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.