Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

UNKNOWN — Vulnerabilities & Security Advisories 4139

Browse all 4139 CVE security advisories affecting UNKNOWN. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by UNKNOWN:Contest GalleryDownload ManagerTutor LMS – eLearning and online course solutionEventONModern Events Calendar Litewp-eMemberAI ChatBotElementor Website BuilderNinja Forms Contact Form – The Drag and Drop Form Builder for WordPressWelcart e-CommerceLogo SliderForm Maker by 10WebBooster for WooCommerceYi Technologywp-cart-for-digital-productswp-affiliate-platformPhoto Gallery by 10WebMapPress Maps for WordPressEventPrimePopup boxWPQA BuilderWP MultiTaskingPhoto Gallery by 10Web – Mobile-Friendly Image GallerySalon booking systemSimple Download MonitorAutoptimizeVikBooking Hotel Booking Engine & PMSLearnPressNewsletter PopupNinja Forms
CVE IDTitleCVSSSeverityPublished
CVE-2022-2146 Import CSV Files <= 1.0 - Reflected Cross-Site Scripting — Import CSV Files 6.1 -2022-07-17
CVE-2022-2144 Jquery Validation For Contact Form 7 < 5.3 - Arbitrary Options Update via CSRF — Jquery Validation For Contact Form 7CWE-352 4.3 -2022-07-17
CVE-2022-2133 OAuth Single Sign On < 6.22.6 - Authentication Bypass — OAuth Single Sign On – SSO (OAuth Client)CWE-287 5.3 -2022-07-17
CVE-2022-2118 404s < 3.5.1 - Admin+ Stored Cross-Site Scripting — 404sCWE-79 4.8 -2022-07-17
CVE-2022-2114 Data Tables Generator by Supsystic < 1.10.20 - Admin+ Stored Cross-Site Scripting — Data Tables Generator by SupsysticCWE-79 4.8 -2022-07-17
CVE-2022-2100 Page Generator Plugin < 1.6.5 - Admin+ Stored Cross-Site Scripting — Page GeneratorCWE-79 4.8 -2022-07-17
CVE-2022-2099 WooCommerce < 6.6.0 - Admin+ Stored HTML Injection — WooCommerce 5.4 -2022-07-17
CVE-2022-2090 Woo Discount Rules < 2.4.2 - Reflected Cross-Site Scripting — Discount Rules for WooCommerceCWE-79 6.1 -2022-07-17
CVE-2022-1933 CDI < 5.1.9 - Reflected Cross-Site-Scripting — CDI – Collect and Deliver Interface for WoocommerceCWE-79 6.1 -2022-07-17
CVE-2022-1672 Insights from Google PageSpeed < 4.0.7 - Multiple CSRF — Insights from Google PageSpeedCWE-352 8.8 -2022-07-17
CVE-2021-24655 WP User Manager < 2.6.3 - Arbitrary User Password Reset to Account Compromise — WP User Manager – User Profile Builder & MembershipCWE-639 7.5 -2022-07-17
CVE-2022-2123 WP Opt-in <= 1.4.1 - Arbitrary Settings Update via CSRF — WP Opt-inCWE-352 6.5 -2022-07-11
CVE-2022-2093 WP Duplicate Page < 1.3 - Admin+ Stored Cross Site Scripting — WP Duplicate PageCWE-79 4.8 -2022-07-11
CVE-2022-2092 WooCommerce PDF Invoices & Packing Slips < 2.16.0 - Reflected Cross-Site Scripting — WooCommerce PDF Invoices & Packing SlipsCWE-79 6.1 -2022-07-11
CVE-2022-2091 Cache Images < 3.2.1 - Image Upload / Import via CSRF — Cache ImagesCWE-352 6.5 -2022-07-11
CVE-2022-2089 Bold Page Builder < 4.3.3 - Admin+ Stored Cross-Site Scripting — Bold Page BuilderCWE-79 4.8 -2022-07-11
CVE-2022-2050 WP Paginate < 2.1.9 - Admin+ Stored Cross-Site Scripting — WP-PaginateCWE-79 4.8 -2022-07-11
CVE-2022-1957 Comment License < 1.4.0 - Arbitrary Settings Update via CSRF — Comment LicenseCWE-352 4.3 -2022-07-11
CVE-2022-1956 Shortcut Macros <= 1.3 - Subscriber+ Arbitrary Settings Update — Shortcut MacrosCWE-352 4.3 -2022-07-11
CVE-2022-1952 eaSYNC < 1.1.16 - Unauthenticated Arbitrary File Upload — Free Booking Plugin for Hotels, Restaurant and Car Rental – eaSYNCCWE-434 9.8 -2022-07-11
CVE-2022-1951 Core Plugin for Kitestudio Themes < 2.3.1 - Reflected Cross-Site-Scripting — core plugin for kitestudio themesCWE-79 6.1 -2022-07-11
CVE-2022-1938 Awin Data Feed < 1.8 - Unauthenticated Stored Cross-Site Scripting — Awin Data FeedCWE-79 5.4 -2022-07-11
CVE-2022-1937 Awin Data Feed < 1.8 - Reflected Cross-Site Scripting — Awin Data FeedCWE-79 6.1 -2022-07-11
CVE-2022-1910 Shortcodes and extra features for Phlox theme < 2.9.8 - Reflected Cross-Site-Scripting — Shortcodes and extra features for Phlox themeCWE-79 6.1 -2022-07-11
CVE-2022-1894 Popup Builder < 4.1.11 - Admin+ Stored Cross-Site Scripting — Popup Builder – Create highly converting, mobile friendly marketing popups.CWE-79 4.8 -2022-07-11
CVE-2022-1757 Pagebar < 2.70 - Arbitrary Settings Update via CSRF to Stored XSS — pagebarCWE-352 5.4 -2022-07-11
CVE-2022-1732 Rename wp-login.php <= 2.6.0 - Secret URL Update via CSRF — Rename wp-login.phpCWE-352 6.5 -2022-07-11
CVE-2022-1626 Sharebar <= 1.4.1 - Arbitrary Settings Update to Stored XSS via CSRF — SharebarCWE-352 4.6 -2022-07-11
CVE-2022-1599 Admin Management Xtended < 2.4.5 - Post Visibility/Date/Comment Status Update via CSRF — Admin Management XtendedCWE-352 6.5 -2022-07-11
CVE-2022-1576 WP Maintenance Mode & Coming Soon < 2.4.5 - Subscribed Users Deletion via CSRF — WP Maintenance Mode & Coming SoonCWE-352 6.5 -2022-07-11

This page lists every published CVE security advisory associated with UNKNOWN. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.