Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

UNKNOWN — Vulnerabilities & Security Advisories 4139

Browse all 4139 CVE security advisories affecting UNKNOWN. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by UNKNOWN:Contest GalleryDownload ManagerTutor LMS – eLearning and online course solutionEventONModern Events Calendar Litewp-eMemberAI ChatBotElementor Website BuilderNinja Forms Contact Form – The Drag and Drop Form Builder for WordPressWelcart e-CommerceLogo SliderForm Maker by 10WebBooster for WooCommerceYi Technologywp-cart-for-digital-productswp-affiliate-platformPhoto Gallery by 10WebMapPress Maps for WordPressEventPrimePopup boxWPQA BuilderWP MultiTaskingPhoto Gallery by 10Web – Mobile-Friendly Image GallerySalon booking systemSimple Download MonitorAutoptimizeVikBooking Hotel Booking Engine & PMSLearnPressNewsletter PopupNinja Forms
CVE IDTitleCVSSSeverityPublished
CVE-2022-2913 Login No Captcha reCAPTCHA < 1.7 - IP Check Bypass — Login No Captcha reCAPTCHACWE-639 4.3 -2022-09-16
CVE-2022-2912 Craw Data <= 1.0.0 - Server Side Request Forgery — Craw DataCWE-918 5.3 -2022-09-16
CVE-2022-2877 Titan Anti-spam & Security < 7.3.1 - Protection Bypass due to IP Spoofing — Titan Anti-spam & SecurityCWE-639 5.3 -2022-09-16
CVE-2022-2887 WP Server Health Stats < 1.7.0 - Admin+ Stored Cross-Site Scripting — WP Server Health StatsCWE-79 4.8 -2022-09-16
CVE-2022-2799 Affiliates Manager < 2.9.14 - Admin+ Stored Cross-Site Scripting — Affiliates ManagerCWE-79 4.8 -2022-09-16
CVE-2022-2798 Affiliates Manager < 2.9.14 - Affiliate CSV Injection — Affiliates ManagerCWE-1236 8.0 -2022-09-16
CVE-2022-2737 WP STAGING < 2.9.18 - Admin+ Stored Cross-Site Scripting — WP STAGING – Backup Duplicator & MigrationCWE-79 4.8 -2022-09-16
CVE-2022-2669 WP Taxonomy Import <= 1.0.4 - Reflected Cross-Site Scripting — WP Taxonomy ImportCWE-79 6.1 -2022-09-16
CVE-2022-2654 Classima < 2.1.11 - Reflected Cross-Site Scripting — Classified Listing – Classified ads & Business Directory PluginCWE-79 6.1 -2022-09-16
CVE-2022-2655 Classified Listing Pro < 2.0.20 - Reflected Cross-Site Scripting — Classified Listing Pro - Classified ads & Business Directory PluginCWE-79 6.1 -2022-09-16
CVE-2022-2635 Autoptimize < 3.1.1 - Admin+ Stored Cross Site Scripting — AutoptimizeCWE-79 4.8 -2022-09-16
CVE-2022-2575 WBW Currency Switcher for WooCommerce < 1.6.6 - Admin+ Stored XSS — WBW Currency Switcher for WooCommerceCWE-79 4.8 -2022-09-16
CVE-2022-2351 Post SMTP < 2.1.4 - Admin+ Stored Cross-Site Scripting — Post SMTP Mailer/Email LogCWE-79 4.8 -2022-09-16
CVE-2022-1194 Mobile Events Manager < 1.4.8 - Admin+ CSV Injection — Mobile Events ManagerCWE-1236 8.0 -2022-09-16
CVE-2022-2863 WPvivid Backup < 0.9.76 - Admin+ Arbitrary File Read — Migration, Backup, Staging – WPvividCWE-22 4.9 -2022-09-16
CVE-2022-2775 Fast Flow < 1.2.13 - Admin+ Stored Cross-Site Scripting — Fast FlowCWE-79 4.8 -2022-09-05
CVE-2022-2657 Multivendor Marketplace Solution for WooCommerce < 3.8.12 - Unauthorised AJAX Calls — Multivendor Marketplace Solution for WooCommerce – WC MarketplaceCWE-862 4.3 -2022-09-05
CVE-2022-2565 Best Payments Plugin for WP < 4.2.1 - Unauthenticated Stored Cross-Site Scripting — Simple Payment Donations & Subscriptions Plugin by Paymattic – Best Payments Plugin for WPCWE-79 6.1 -2022-09-05
CVE-2022-2597 Visual Portfolio < 2.19.0 - Contributor+ CSS Injection — Visual Portfolio, Photo Gallery & Post GridCWE-863 5.4 -2022-09-05
CVE-2022-2543 Visual Portfolio < 2.18.0 - Unauthenticated CSS Injection — Visual Portfolio, Photo Gallery & Post GridCWE-862 6.1 -2022-09-05
CVE-2022-2376 Directorist < 7.3.1 - Unauthenticated Email Address Disclosure — Directorist – WordPress Business Directory Plugin with Classified Ads ListingsCWE-862 5.3 -2022-09-05
CVE-2022-2271 WP Database Backup < 5.9 - Admin+ Stored Cross-Site Scripting — WP Database BackupCWE-79 4.8 -2022-09-05
CVE-2022-2083 Simple Single Sign On <= 4.1.0 - Authentication Bypass — Simple Single Sign On 7.5 -2022-09-05
CVE-2022-2599 Anti-Malware Security and Brute-Force Firewall < 4.21.83 - Reflected Cross-Site Scripting — Anti-Malware Security and Brute-Force FirewallCWE-79 6.1 -2022-08-29
CVE-2022-2638 Export All URLs < 4.4 - Admin+ Arbitrary System File Removal — Export All URLsCWE-73 6.5 -2022-08-29
CVE-2022-2374 Simply Schedule Appointments < 1.5.7.7 - Admin+ Stored Cross-Site Scripting — Simply Schedule Appointments – WordPress Booking PluginCWE-79 4.8 -2022-08-29
CVE-2022-2537 WooCommerce PDF Invoices & Packing Slips < 3.0.1 - Reflected Cross-Site Scripting — WooCommerce PDF Invoices & Packing SlipsCWE-79 6.1 -2022-08-29
CVE-2022-2538 WP Hide & Security Enhancer < 1.8 - Reflected Cross-Site Scripting — WP Hide & Security EnhancerCWE-79 6.1 -2022-08-29
CVE-2022-2556 MailChimp for Woocommerce < 2.7.2 - Admin+ SSRF — Mailchimp for WooCommerceCWE-918 2.7 -2022-08-29
CVE-2022-2559 Fluent Support < 1.5.8 - Admin+ SQLi — Fluent Support – WordPress Helpdesk and Customer Support Ticket PluginCWE-89 7.2 -2022-08-29

This page lists every published CVE security advisory associated with UNKNOWN. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.