Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Unknown — Vulnerabilities & Security Advisories 4139

Browse all 4139 CVE security advisories affecting Unknown. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by Unknown:Contest GalleryDownload ManagerTutor LMS – eLearning and online course solutionEventONModern Events Calendar Litewp-eMemberAI ChatBotElementor Website BuilderNinja Forms Contact Form – The Drag and Drop Form Builder for WordPressWelcart e-CommerceLogo SliderForm Maker by 10WebBooster for WooCommerceYi Technologywp-cart-for-digital-productswp-affiliate-platformPhoto Gallery by 10WebMapPress Maps for WordPressEventPrimePopup boxWPQA BuilderWP MultiTaskingPhoto Gallery by 10Web – Mobile-Friendly Image GallerySalon booking systemSimple Download MonitorAutoptimizeVikBooking Hotel Booking Engine & PMSLearnPressNewsletter PopupNinja Forms
CVE IDTitleCVSSSeverityPublished
CVE-2022-1349 WPQA < 5.2 - Subscriber+ Arbitrary Profile Picture Deletion via IDOR — WPQA Builder PluginCWE-287 6.5 -2022-05-16
CVE-2022-1334 WP YouTube Live < 1.8.3 - Admin+ Stored Cross Site Scripting — WP YouTube LiveCWE-79 4.8 -2022-05-16
CVE-2022-1267 BMI BMR Calculator <= 1.3 - Reflected Cross-Site Scripting — BMI BMR CalculatorCWE-79 6.1 -2022-05-16
CVE-2022-1265 BulletProof Security < 6.1 - Admin+ Stored Cross-Site Scripting — BulletProof SecurityCWE-79 4.8 -2022-05-16
CVE-2022-1217 Custom TinyMCE Shortcode Button <= 1.1 - Reflected Cross-Site Scripting — Custom TinyMCE Shortcode ButtonCWE-79 6.1 -2022-05-16
CVE-2022-1216 Advanced Image Sitemap <= 1.2 - Reflected Cross-Site Scripting — Advanced Image SitemapCWE-79 6.1 -2022-05-16
CVE-2022-1182 Visual Slide Box Builder <= 3.2.9 - Subscriber+ SQLi — Visual Slide Box BuilderCWE-89 8.8 -2022-05-16
CVE-2022-1103 Advanced Uploader <= 4.2 - Subscriber+ Arbitrary File Upload — Advanced uploaderCWE-434 8.8 -2022-05-16
CVE-2022-1089 Bulk Edit and Create User Profiles < 1.5.14 - Admin+ Stored Cross-Site Scripting — Bulk Edit and Create User Profiles – WP Sheet EditorCWE-79 4.8 -2022-05-16
CVE-2022-1062 th23 Social <= 1.2.0 - Admin+ Stored Cross-Site Scripting — th23 SocialCWE-79 4.8 -2022-05-16
CVE-2022-1051 WPQA < 5.2 - Subscriber+ Stored Cross-Site Scripting via Profile fields — WPQA Builder PluginCWE-79 5.4 -2022-05-16
CVE-2022-0873 Gmedia Photo Gallery < 1.20.0 - Admin+ Stored Cross-Site Scripting — Gmedia Photo GalleryCWE-79 4.8 -2022-05-16
CVE-2022-0867 ARPrice Lite < 3.6.1 - Unauthenticated SQLi — Pricing Table PluginCWE-89 9.8 -2022-05-16
CVE-2021-25119 AGIL <= 1.0 - Admin+ Arbitrary File Upload — AGIL(Automatic Grid Image Listing)CWE-434 7.2 -2022-05-16
CVE-2022-1338 Easily Generate Rest API Url <= 1.0.0 - Admin+ Stored Cross-Site Scripting — Easily Generate Rest API UrlCWE-79 4.8 -2022-05-09
CVE-2022-1303 Slide Anything < 2.3.44 - Editor+ Stored Cross-Site Scripting — Slide Anything – Responsive Content / HTML Slider and CarouselCWE-79 4.8 -2022-05-09
CVE-2022-1171 Vertical scroll recent post < 14.0 - Reflected Cross-Site Scripting — Vertical scroll recent postCWE-79 6.1 -2022-05-09
CVE-2022-1104 Popup Maker < 1.16.5 - Admin+ Stored Cross-Site Scripting — Popup Maker – Popup for opt-ins, lead gen, & moreCWE-79 4.8 -2022-05-09
CVE-2022-1047 Themify - Post Type Builder Search Addon < 1.4.0 - Reflected Cross-Site Scripting — themify-ptb-searchCWE-79 6.1 -2022-05-09
CVE-2022-1013 Personal Dictionary < 1.3.4 - Unauthenticated SQLi — Personal DictionaryCWE-89 9.8 -2022-05-09
CVE-2022-0948 Order Listener for WooCommerce < 3.2.2 - Unauthenticated SQLi — Order Listener for WooCommerce – Play Sounds Instantly on New OrdersCWE-89 9.8 -2022-05-09
CVE-2022-0898 IgniteUp <= 3.4.1 - Admin+ Stored Cross-Site Scripting — IgniteUp – Coming Soon and Maintenance ModeCWE-79 5.4 -2022-05-09
CVE-2022-0874 WP Social Buttons <= 2.1 - Admin+ Stored Cross-Site Scripting — WP Social ButtonsCWE-79 4.8 -2022-05-09
CVE-2022-0836 SEMA API < 4.02 - Unauthenticated SQLi — SEMA APICWE-89 9.8 -2022-05-09
CVE-2022-0826 WP Video Gallery <= 1.7.1 - Unauthenticated SQLi — WP Video GalleryCWE-89 9.8 -2022-05-09
CVE-2022-0817 BadgeOS <= 3.7.0 - Unauthenticated SQLi — BadgeOSCWE-89 9.8 -2022-05-09
CVE-2022-0814 Ubigeo de Peru < 3.6.4 - Unauthenticated SQLi — Ubigeo de Perú para Woocommerce y WordPressCWE-89 9.8 -2022-05-09
CVE-2022-0625 Admin Menu Editor <= 1.0.4 - Reflected Cross-Site Scripting — Admin Menu EditorCWE-79 6.1 -2022-05-09
CVE-2022-0592 MapSVG < 6.2.20 - Unauthenticated SQLi — MapSVGCWE-89 9.8 -2022-05-09
CVE-2022-0424 Popup by Supsystic < 1.10.9 - Unauthenticated Subscriber Email Addresses Disclosure — Popup by SupsysticCWE-306 5.3 -2022-05-09

This page lists every published CVE security advisory associated with Unknown. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.