Unknown — Vulnerabilities & Security Advisories 4139

Browse all 4139 CVE security advisories affecting Unknown. AI-powered Chinese analysis, POCs, and references for each vulnerability.

CVE ID	Title	CVSS	Severity	Published
CVE-2019-25060	WP-GraphQL < 0.3.5 - Improper Access Control — WPGraphQLCWE-284	5.3	-	2022-05-09
CVE-2022-1282	Photo Gallery < 1.6.3 - Reflected Cross-Site Scripting — Photo Gallery by 10Web – Mobile-Friendly Image GalleryCWE-79	6.1	-	2022-05-02
CVE-2022-1281	Photo Gallery < 1.6.3 - Unauthenticated SQL Injection — Photo Gallery by 10Web – Mobile-Friendly Image GalleryCWE-89	9.8	-	2022-05-02
CVE-2022-1273	Import WP < 2.4.6 - Admin+ Arbitrary File Upload to RCE — Import WP – Import and Export WordPress data to XML or CSV filesCWE-434	7.2	-	2022-05-02
CVE-2022-1269	Fast Flow < 1.2.12 - Reflected Cross-Site Scripting — Fast FlowCWE-79	6.1	-	2022-05-02
CVE-2022-1255	Import and export users and customers < 1.19.2.1 - Admin+ Stored Cross-Site Scripting — Import and export users and customersCWE-79	4.8	-	2022-05-02
CVE-2022-1250	LifterLMS PayPal < 1.4.0 - Reflected Cross-Site Scripting — LifterLMS PaypalCWE-79	6.1	-	2022-05-02
CVE-2022-1239	HubSpot < 8.8.15 - Contributor+ Blind SSRF — HubSpot – CRM, Email Marketing, Live Chat, Forms & AnalyticsCWE-918	8.1	-	2022-05-02
CVE-2022-1046	Visual Form Builder < 3.0.7 - Admin+ Stored Cross-Site Scripting — Visual Form BuilderCWE-79	4.8	-	2022-05-02
CVE-2022-0952	Sitemap by click5 < 1.0.36 - Unauthenticated Arbitrary Options Update — Sitemap by click5	8.8	-	2022-05-02
CVE-2022-0783	Multiple Shipping Address Woocommerce < 2.0 - Unauthenticated SQLi — Multiple Shipping Address WoocommerceCWE-89	9.8	-	2022-05-02
CVE-2022-0773	Documentor <= 1.5.3 - Unauthenticated SQLi — Documentor – Create Product DocumentationCWE-89	9.8	-	2022-05-02
CVE-2022-0771	SiteSuperCharger < 5.2.0 - Unauthenticated SQLi — SiteSuperChargerCWE-89	9.8	-	2022-05-02
CVE-2022-0662	Adrotate < 5.8.23 - Admin+ XSS via Advert Name — AdRotate – Ad manager & AdSense AdsCWE-79	4.8	-	2022-05-02
CVE-2022-0649	Adrotate < 5.8.23 - Admin+ XSS via Group Name — AdRotate – Ad manager & AdSense AdsCWE-79	4.8	-	2022-05-02
CVE-2022-0428	Content Egg < 5.3.0 - Reflected Cross-Site Scripting — Content EggCWE-79	6.1	-	2022-05-02
CVE-2022-0418	Event List < 0.8.8 - Admin+ Stored Cross-Site Scripting — Event ListCWE-79	4.8	-	2022-05-02
CVE-2022-0191	Ad Invalid Click Protector (AICP) < 1.2.7 - Arbitrary Ban Deletion via CSRF — Ad Invalid Click Protector (AICP)CWE-352	4.3	-	2022-05-02
CVE-2021-25102	All In One WP Security < 4.4.11 - Authenticated Reflected Cross-Site Scripting — All In One WP Security & FirewallCWE-79	6.1	-	2022-05-02
CVE-2021-25086	Advanced Page Visit Counter < 6.1.2 - Unauthenticated Stored Cross-Site Scripting — Advanced Page Visit Counter – Advanced WordPress Visit CounterCWE-79	6.1	-	2022-05-02
CVE-2021-25002	Tipsacarrier < 1.5.0.5 - Unauthenticated Orders Disclosure — TipsacarrierCWE-862	7.5	-	2022-05-02
CVE-2022-1396	Donorbox < 7.1.7 - Admin+ Stored Cross-Site Scripting — Donorbox – Free Recurring Donation FormCWE-79	4.8	-	2022-04-25
CVE-2022-1392	Videos sync PDF <= 1.7.4 - Unauthenticated LFI — Videos sync PDFCWE-22	7.5	-	2022-04-25
CVE-2022-1391	Cab fare calculator < 1.0.4 - Unauthenticated LFI — Cab fare calculatorCWE-22	8.8	-	2022-04-25
CVE-2022-1390	Admin Word Count Column <= 2.2 - Unauthenticated Arbitrary File Read — Admin Word Count ColumnCWE-22	9.8	-	2022-04-25
CVE-2022-1228	Opensea < 1.0.3 - Admin+ Stored XSS — OpenseaCWE-79	4.8	-	2022-04-25
CVE-2022-1156	Books & Papers <= 0.20210223 - Admin+ Stored Cross-Site Scripting — Books & PapersCWE-79	4.8	-	2022-04-25
CVE-2022-1153	LayerSlider < 7.1.2 - Admin+ Stored Cross-Site Scripting — LayerSliderCWE-79	4.8	-	2022-04-25
CVE-2022-1152	Menubar < 5.8 - Reflected Cross-Site Scripting — MenubarCWE-79	5.4	-	2022-04-25
CVE-2022-1094	Amr Users < 4.59.4 - Admin+ Stored Cross-Site Scripting — amr usersCWE-79	4.8	-	2022-04-25

This page lists every published CVE security advisory associated with Unknown. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.

Goal Reached Thanks to every supporter — we hit 100%!

Unknown — Vulnerabilities & Security Advisories 4139