UNKNOWN — Vulnerabilities & Security Advisories 4139

Browse all 4139 CVE security advisories affecting UNKNOWN. AI-powered Chinese analysis, POCs, and references for each vulnerability.

CVE ID	Title	CVSS	Severity	Published
CVE-2022-3098	Login Block IPs <= 1.0.0 - Arbitrary Setting Update via CSRF — Login Block IPsCWE-352	4.3	-	2022-09-26
CVE-2022-3076	CM Download Manager < 2.8.6 - Admin+ Arbitrary File Upload — CM Download ManagerCWE-434	7.2	-	2022-09-26
CVE-2022-3074	Slider Hero < 8.4.4 - Admin+ Stored Cross-Site Scripting — Slider Hero with Animation, Video BackgroundCWE-79	4.8	-	2022-09-26
CVE-2022-3070	Generate PDF using Contact Form 7 < 3.6 - Admin+ Stored Cross-Site Scripting — Generate PDF using Contact Form 7CWE-79	4.8	-	2022-09-26
CVE-2022-3062	Simple File List < 4.4.12 - Reflected Cross-Site Scripting — Simple File ListCWE-79	6.1	-	2022-09-26
CVE-2022-3069	Wordlift < 3.37.2 - Admin+ Stored Cross-Site Scripting — WordLift – AI powered SEO – SchemaCWE-79	4.8	-	2022-09-26
CVE-2022-3025	Bitcoin / Altcoin Faucet <= 1.6.0 - Settings Update to Stored XSS via CSRF — Bitcoin / Altcoin FaucetCWE-79	5.4	-	2022-09-26
CVE-2022-2987	Ldap WP Login / Active Directory Integration < 3.0.2 - Unauthenticated Settings Update to Auth Bypass — Ldap WP Login / Active Directory IntegrationCWE-862	5.3	-	2022-09-26
CVE-2022-2926	Download Manager < 3.2.55 - Admin+ Arbitrary File/Folder Access via Path Traversal — Download ManagerCWE-22	4.9	-	2022-09-26
CVE-2022-2405	WP Popup Builder < 1.3.0 - Subscriber+ Arbitrary Popup Deletion — WP Popup Builder – Popup Forms , Marketing PoPuP & NewsletterCWE-862	4.3	-	2022-09-26
CVE-2022-2903	NinjaForms < 3.6.13 - Admin+ PHP Objection Injection — Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPressCWE-502	7.2	-	2022-09-26
CVE-2022-2404	WP Popup Builder < 1.2.9 - Reflected Cross-Site Scripting — WP Popup Builder – Popup Forms , Marketing PoPuP & NewsletterCWE-79	6.1	-	2022-09-26
CVE-2022-2352	Post SMTP < 2.1.7 - Admin+ Blind SSRF — Post SMTP Mailer/Email LogCWE-918	7.2	-	2022-09-26
CVE-2022-1755	SVG Support < 2.5 - Author+ Stored Cross-Site Scripting — SVG SupportCWE-79	5.4	-	2022-09-26
CVE-2022-1613	Restricted Site Access < 7.3.2 - Access Bypass via IP Spoofing — Restricted Site AccessCWE-639	5.3	-	2022-09-26
CVE-2021-24890	Scripts Organizer < 3.0 - Unauthenticated Arbitrary File Upload — scripts-organizerCWE-862	8.8	-	2022-09-26
CVE-2022-3024	Simple Bitcoin Faucets <= 1.7.0 - Unauthorised AJAX Call to Stored XSS — Bitcoin Satoshi Tools : Faucets, Visitor Rewarder, Satoshi Games, Referral ProgramCWE-863	7.6	-	2022-09-26
CVE-2022-3021	Slickr Flickr <= 2.8.1 - Admin+ Stored Cross-Site Scripting — Slickr FlickrCWE-79	4.8	-	2022-09-19
CVE-2022-3036	Gettext override translations < 2.0.0 - Admin+ Stored Cross-Site Scripting — Gettext override translationsCWE-79	4.8	-	2022-09-19
CVE-2022-2958	BadgeOS < 3.7.1.3 - Subscriber+ SQLi — BadgeOSCWE-89	8.8	-	2022-09-19
CVE-2022-2754	Ketchup Restaurant Reservations <= 1.0.0 - Unauthenticated Blind SQLi — Ketchup Restaurant ReservationsCWE-89	9.8	-	2022-09-19
CVE-2022-2753	Ketchup Restaurant Reservations <= 1.0.0 - Unauthenticated Stored XSS — Ketchup Restaurant ReservationsCWE-79	6.1	-	2022-09-19
CVE-2022-2710	Scroll To Top < 1.4.1 - Admin+ Stored Cross-Site Scripting — Scroll To TopCWE-79	4.8	-	2022-09-19
CVE-2022-2709	Float to Top Button <= 2.3.6 - Admin+ Stored Cross-Site Scripting — Float to Top ButtonCWE-79	4.8	-	2022-09-19
CVE-2022-2567	Form Builder CP < 1.2.32 - Admin+ Stored Cross-Site Scripting — Form Builder CPCWE-79	4.8	-	2022-09-19
CVE-2022-1591	WordPress Ping Optimizer < 2.35.1.3.0 - Arbitrary Settings Update via CSRF — WordPress Ping OptimizerCWE-352	4.3	-	2022-09-19
CVE-2022-1580	Site Offline < 1.5.3 - Access Bypass — Site Offline Or Coming Soon Or Maintenance ModeCWE-639	4.3	-	2022-09-19
CVE-2022-2840	Zephyr Project Manager < 3.2.5 - Multiple Unauthenticated SQLi — Zephyr Project ManagerCWE-89	9.8	-	2022-09-19
CVE-2022-3141	Translatepress Multilinugal < 2.3.3 - Admin+ SQLi — Translate Multilingual sites – TranslatePressCWE-89	8.8	-	2022-09-19
CVE-2022-3142	NEX-Forms < 7.9.7 - Authenticated SQLi — NEX-Forms – Ultimate Form Builder – Contact forms and much moreCWE-89	8.8	-	2022-09-19

This page lists every published CVE security advisory associated with UNKNOWN. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.

Goal Reached Thanks to every supporter — we hit 100%!

UNKNOWN — Vulnerabilities & Security Advisories 4139