Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Unknown — Vulnerabilities & Security Advisories 4139

Browse all 4139 CVE security advisories affecting Unknown. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by Unknown:Contest GalleryDownload ManagerTutor LMS – eLearning and online course solutionEventONModern Events Calendar Litewp-eMemberAI ChatBotElementor Website BuilderNinja Forms Contact Form – The Drag and Drop Form Builder for WordPressWelcart e-CommerceLogo SliderForm Maker by 10WebBooster for WooCommerceYi Technologywp-cart-for-digital-productswp-affiliate-platformPhoto Gallery by 10WebMapPress Maps for WordPressEventPrimePopup boxWPQA BuilderWP MultiTaskingPhoto Gallery by 10Web – Mobile-Friendly Image GallerySalon booking systemSimple Download MonitorAutoptimizeVikBooking Hotel Booking Engine & PMSLearnPressNewsletter PopupNinja Forms
CVE IDTitleCVSSSeverityPublished
CVE-2022-1020 Woo Product Table < 3.1.2 - Unauthenticated Arbitrary Function Call — Product Table for WooCommerce (wooproducttable)CWE-862 9.8 -2022-04-18
CVE-2022-1001 WP Downgrade < 1.2.3 - Admin+ Stored Cross-Site Scripting — WP Downgrade | Specific Core VersionCWE-79 4.8 -2022-04-18
CVE-2022-0994 Hummingbird < 3.3.2 - Admin+ Stored Cross-Site Scripting — Hummingbird – Optimize Speed, Enable Cache, Minify CSS & Defer Critical JSCWE-79 4.8 -2022-04-18
CVE-2022-0879 Caldera Forms < 1.9.7 - Reflected Cross-Site Scripting — Caldera Forms – More Than Contact FormsCWE-79 6.1 -2022-04-18
CVE-2022-0785 Daily Prayer Time < 2022.03.01 - Unauthenticated SQLi — Daily Prayer TimeCWE-89 9.8 -2022-04-18
CVE-2022-0780 SearchIQ < 3.9 - Unauthenticated Stored XSS — SearchIQ – The Search SolutionCWE-79 6.1 -2022-04-18
CVE-2022-0765 Loco Translate < 2.6.1 - Authenticated Stored Cross-Site Scripting — Loco TranslateCWE-79 4.8 -2022-04-18
CVE-2022-0737 Text Hover < 4.2 - Admin+ Stored Cross-Site Scripting — Text HoverCWE-79 4.8 -2022-04-18
CVE-2022-0707 Easy Digital Downloads < 2.11.6 - Arbitrary Payment Note Insertion via CSRF — Easy Digital Downloads – Simple eCommerce for Selling Digital FilesCWE-352 4.3 -2022-04-18
CVE-2022-0706 Easy Digital Downloads < 2.11.6 - Admin+ Stored Cross-Site Scripting — Easy Digital Downloads – Simple eCommerce for Selling Digital FilesCWE-79 4.8 -2022-04-18
CVE-2022-0661 Ad Injection <= 1.2.0.19 - Admin+ Stored Cross-Site Scripting & RCE — Ad InjectionCWE-94 7.2 -2022-04-18
CVE-2021-25120 Easy Social Feed < 6.2.7 - Reflected Cross-Site Scripting — Easy Social Feed ProCWE-79 6.1 -2022-04-18
CVE-2022-0142 Visual Form Builder < 3.0.6 - CSV Injection — Visual Form BuilderCWE-1236 9.8 -2022-04-12
CVE-2022-0141 Visual Form Builder < 3.0.8 - Entries Deletion/Restoration via CSRF — Visual Form BuilderCWE-352 8.1 -2022-04-12
CVE-2022-0140 Visual Form Builder < 3.0.6 - Unauthenticated Information Disclosure — Visual Form Builder 7.5 -2022-04-12
CVE-2022-1023 Podcast Importer SecondLine < 1.3.8 - Admin+ SQLi — Podcast Importer SecondLineCWE-89 9.8 -2022-04-11
CVE-2022-1008 One Click Demo Import < 3.1.0 - Admin+ Arbitrary File Upload — One Click Demo ImportCWE-434 7.2 -2022-04-11
CVE-2022-1007 Advanced Booking Calendar < 1.7.1 - Reflected Cross-Site Scripting — Advanced Booking CalendarCWE-79 6.1 -2022-04-11
CVE-2022-1006 Advanced Booking Calendar < 1.7.1 - Admin+ SQLi — Advanced Booking CalendarCWE-89 7.2 -2022-04-11
CVE-2022-0989 NS WooCommerce Watermark <= 2.11.3 - Abuse of Functionality — NS WooCommerce WatermarkCWE-80 7.5 -2022-04-11
CVE-2022-0969 Image optimization & Lazy Load < 3.3.2 - Admin+ Stored Cross-Site Scripting — Image optimization & Lazy Load by OptimoleCWE-79 4.8 -2022-04-11
CVE-2022-0949 WP Block and Stop Bad Bots < 6.930 - Unauthenticated SQLi — Block Bad Bots and Stop Bad Bots Crawlers and Spiders and Anti Spam ProtectionCWE-89 9.8 -2022-04-11
CVE-2022-0920 Salon booking system < 7.6.3 - Customer+ Bookings/Customers Data Disclosure — Salon booking systemCWE-863 7.5 -2022-04-11
CVE-2022-0919 Salon booking system < 7.6.3 - Unauthenticated Sensitive Data Disclosure — Salon booking systemCWE-862 5.3 -2022-04-11
CVE-2022-0914 Export All URLs < 4.3 - Private/Draft Post/Page Title Disclosure via CSRF — Export All URLsCWE-352 6.5 -2022-04-11
CVE-2022-0892 Export All URLs < 4.2 - Reflected Cross-Site Scripting — Export All URLsCWE-79 6.1 -2022-04-11
CVE-2022-0840 Easy Social Icons < 3.2.1 - Admin+ Stored Cross-Site Scripting in add icon — Easy Social IconsCWE-79 4.8 -2022-04-11
CVE-2022-0828 Download Manager < 3.2.39 - Unauthenticated brute force of files master key — Download Manager 7.5 -2022-04-11
CVE-2022-0728 Easy Smooth Scroll Links < 2.23.1 - Admin+ Stored Cross-Site Scripting — Easy Smooth Scroll LinksCWE-79 4.8 -2022-04-11
CVE-2022-0531 WPvivid Backup and Migration Plugin < 0.9.70 - Reflected Cross-Site Scripting — Migration, Backup, Staging – WPvividCWE-79 6.1 -2022-04-11

This page lists every published CVE security advisory associated with Unknown. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.