Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Unknown — Vulnerabilities & Security Advisories 4139

Browse all 4139 CVE security advisories affecting Unknown. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by Unknown:Contest GalleryDownload ManagerTutor LMS – eLearning and online course solutionEventONModern Events Calendar Litewp-eMemberAI ChatBotElementor Website BuilderNinja Forms Contact Form – The Drag and Drop Form Builder for WordPressWelcart e-CommerceLogo SliderForm Maker by 10WebBooster for WooCommerceYi Technologywp-cart-for-digital-productswp-affiliate-platformPhoto Gallery by 10WebMapPress Maps for WordPressEventPrimePopup boxWPQA BuilderWP MultiTaskingPhoto Gallery by 10Web – Mobile-Friendly Image GallerySalon booking systemSimple Download MonitorAutoptimizeVikBooking Hotel Booking Engine & PMSLearnPressNewsletter PopupNinja Forms
CVE IDTitleCVSSSeverityPublished
CVE-2022-1092 myCred < 2.4.4 - Subscriber+ Import/Export to Email Address Disclosure — myCred 4.3 -2022-04-25
CVE-2022-1027 Page Restriction WordPress < 1.2.7 - Admin+ Stored Cross-Site Scripting — Page Restriction WordPress (WP) – Protect WP Pages/PostCWE-79 4.8 -2022-04-25
CVE-2022-0953 Anti-Malware Security and Brute-Force Firewall < 4.20.96 - Reflected Cross-Site Scripting — Anti-Malware Security and Brute-Force FirewallCWE-79 6.1 -2022-04-25
CVE-2022-0876 Social comments by WpDevArt < 2.5.0 - Admin+ Stored Cross-Site Scripting — Social comments by WpDevArtCWE-79 4.8 -2022-04-25
CVE-2022-0782 Donations <= 1.8 - Unauthenticated SQLi — DonationsCWE-89 9.8 -2022-04-25
CVE-2022-0769 Users Ultra <= 3.1.0 - Unauthenticated SQL Injection — Users Ultra Membership, Users Community and Member Profiles With PayPal Integration PluginCWE-89 9.8 -2022-04-25
CVE-2022-0693 Master Elements <= 8.0 - Unauthenticated SQLi — Master ElementsCWE-89 9.8 -2022-04-25
CVE-2022-0657 5 Stars Rating Funnel < 1.2.53 - Unauthenticated SQLi — 5 Stars Rating Funnel WordPress Plugin | RRatinggCWE-89 9.8 -2022-04-25
CVE-2022-0656 uDraw < 3.3.3 - Unauthenticated Arbitrary File Access — Web To Print Shop : uDrawCWE-552 7.5 -2022-04-25
CVE-2022-0634 ThirstyAffiliates < 3.10.5 - Subscriber+ unauthorized image upload + CSRF — ThirstyAffiliates 3.5 -2022-04-25
CVE-2022-0541 Flo Launch < 2.4.1 - Missing Authentication Allow Full Site Takeover — flo-launchCWE-284 9.1 -2022-04-25
CVE-2022-0398 ThirstyAffiliates Affiliate Link Manager < 3.10.5 - Subscriber+ Arbitrary Affiliate Links Creation — ThirstyAffiliates Affiliate Link Manager 4.1 -2022-04-25
CVE-2022-0363 myCred < 2.4.4 - Subscriber+ Arbitrary Post Creation — myCred 4.3 -2022-04-25
CVE-2022-0287 Mycred < 2.4.4.1 - Subscriber+ User E-mail Addresses Disclosure — myCred 4.3 -2022-04-25
CVE-2021-4225 SP Project & Document Manager < 4.24 - Subscriber+ Shell Upload — SP Project & Document ManagerCWE-434 8.8 -2022-04-25
CVE-2021-46782 Pricing Table by Supsystic < 1.9.5 - Reflected Cross-Site Scripting — Pricing Table by SupsysticCWE-79 6.1 -2022-04-25
CVE-2021-46781 Coming Soon by Supsystic < 1.7.6 - Reflected Cross-Site Scripting — Coming Soon by SupsysticCWE-79 6.1 -2022-04-25
CVE-2021-46780 Easy Google Maps < 1.9.32 - Reflected Cross-Site Scripting — Easy Google MapsCWE-79 6.1 -2022-04-25
CVE-2021-25111 English WordPress Admin < 1.5.2 - Unauthenticated Open Redirect — English WordPress AdminCWE-601 6.1 -2022-04-25
CVE-2021-25094 Tatsu < 3.3.12 - Unauthenticated RCE — TatsuCWE-306 8.1 -2022-04-25
CVE-2021-24957 Advanced Page Visit Counter < 6.1.6 - Subscriber+ Blind SQL injection — Advanced Page Visit Counter – Advanced WordPress Visit CounterCWE-89 8.8 -2022-04-25
CVE-2021-24805 DW Question & Answer Pro <= 1.3.4 - Multiple CSRF — DW Question Answer ProCWE-352 6.5 -2022-04-25
CVE-2021-24800 DW Question & Answer Pro <= 1.3.4 - Arbitrary Comment Edition via IDOR — DW Question Answer ProCWE-639 4.3 -2022-04-25
CVE-2022-1112 Autolinks <= 1.0.1 - Stored Cross-Site Scripting via CSRF — AutolinksCWE-79 5.4 -2022-04-18
CVE-2022-1091 Safe SVG < 1.9.10 - SVG Sanitisation Bypass — Safe SVGCWE-79 6.1 -2022-04-18
CVE-2022-1090 Good & Bad Comments <= 1.0.0 - Admin+ Stored Cross-Site Scripting — Good & Bad commentsCWE-79 4.8 -2022-04-18
CVE-2022-1088 Page Security & Membership <= 1.5.15 - Admin+ Stored Cross-Site Scripting — Page Security & MembershipCWE-79 4.8 -2022-04-18
CVE-2022-1063 Thank Me Later <= 3.3.4 - Admin+ Stored Cross-Site Scripting — Thank Me LaterCWE-79 4.8 -2022-04-18
CVE-2022-1054 RSVP and Event Management < 2.7.8 - Unauthenticated Entries Export — RSVP and Event Management PluginCWE-862 5.3 -2022-04-18
CVE-2022-1037 EXMAGE < 1.0.7 - Admin+ Blind SSRF — EXMAGE – WordPress Image LinksCWE-918 8.8 -2022-04-18

This page lists every published CVE security advisory associated with Unknown. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.