Unknown — Vulnerabilities & Security Advisories 4139

Browse all 4139 CVE security advisories affecting Unknown. AI-powered Chinese analysis, POCs, and references for each vulnerability.

CVE ID	Title	CVSS	Severity	Published
CVE-2022-0471	Favicon by RealFaviconGenerator < 1.3.23 - Reflected Cross-Site Scripting — Favicon by RealFaviconGeneratorCWE-79	6.1	-	2022-04-11
CVE-2022-0447	Post Grid < 2.1.16 - Reflected Cross-Site Scripting via post_types — Post GridCWE-79	5.4	-	2022-04-11
CVE-2022-0314	Nimble Page Builder < 3.2.2 - Reflected Cross-Site Scripting — Nimble Page BuilderCWE-79	6.1	-	2022-04-11
CVE-2022-0271	LearnPress < 4.1.6 - Reflected Cross-Site Scripting — LearnPress – WordPress LMS PluginCWE-79	6.1	-	2022-04-11
CVE-2022-0246	iQ Block Country < 1.2.13 - Admin+ Arbitrary File Deletion via Zip Slip — iQ Block CountryCWE-73	6.5	-	2022-04-11
CVE-2021-25090	GridKit Portfolio < 2.1.0 - Subscriber+ Stored Cross-Site Scripting — Portfolio Gallery, Product Catalog – Grid KIT PortfolioCWE-79	4.1	-	2022-04-11
CVE-2021-24987	Super Socializer < 7.13.30 - Reflected Cross-Site Scripting — Social Share, Social Login and Social Comments Plugin – Super SocializerCWE-79	6.1	-	2022-04-11
CVE-2021-24986	Post Grid < 2.1.16 - Reflected Cross-Site Scripting via keyword — Post GridCWE-79	6.1	-	2022-04-11
CVE-2022-1170	JobMonster < 4.5.2.9 - Unauthenticated Reflected Cross-Site Scripting — Noo JobMonsterCWE-79	6.1	-	2022-04-04
CVE-2022-1169	Careerfy < 3.9.0 - Unauthenticated Reflected Cross-Site Scripting (XSS) — CareerfyCWE-79	5.4	-	2022-04-04
CVE-2022-1168	JobSearch < 1.5.1 - Unauthenticated Reflected Cross-Site Scripting (XSS) — WP JobSearchCWE-79	6.1	-	2022-04-04
CVE-2022-1167	CareerUp < 2.3.1 - Unauthenticated Reflected Cross-Site Scripting — CareerupCWE-79	6.1	-	2022-04-04
CVE-2022-1166	JobMonster < 4.6.6.1 - Directory Listing in Upload Folder — Noo JobMonsterCWE-22	5.3	-	2022-04-04
CVE-2022-1165	Blackhole for Bad Bots < 3.3.2 - Arbitrary IP Address Blocking via IP Spoofing — Blackhole for Bad BotsCWE-639	9.1	-	2022-04-04
CVE-2022-1164	Wyzi < 2.4.3 - Reflected Cross-Site Scripting (XSS) — WYZI Business FinderCWE-79	6.1	-	2022-04-04
CVE-2022-0958	Mark Posts < 2.0.1 - Admin+ Stored Cross-Site Scripting — Mark PostsCWE-79	4.8	-	2022-04-04
CVE-2022-0901	Ad Inserter < 2.7.12 - Reflected Cross-Site Scripting — Ad Inserter – Ad Manager & AdSense AdsCWE-79	6.1	-	2022-04-04
CVE-2022-0887	Easy Social Icons < 3.1.4 - Admin+ SQL Injection — Easy Social IconsCWE-89	7.2	-	2022-04-04
CVE-2022-0884	Profile Builder < 3.6.8 - Admin+ Stored Cross-Site Scripting — Profile Builder – User Profile & User Registration FormsCWE-79	4.8	-	2022-04-04
CVE-2022-0864	UpdraftPlus < 1.22.9 - Reflected Cross-Site Scripting — UpdraftPlus WordPress Backup PluginCWE-79	6.1	-	2022-04-04
CVE-2022-0837	Amelia < 1.0.48 - Customer+ SMS Service Abuse and Sensitive Data Disclosure — Amelia	8.2	-	2022-04-04
CVE-2022-0830	FormBuilder <= 1.08 - Stored Cross-Site Scripting via CSRF — FormBuilderCWE-352	6.5	-	2022-04-04
CVE-2022-0825	Amelia < 1.0.49 - Customer+ Arbitrary Appointments Status Update — Amelia – Events & Appointments Booking CalendarCWE-863	5.4	-	2022-04-04
CVE-2022-0709	Booking Package < 1.5.29 - Unauthenticated Sensitive Data Disclosure — Booking Package – Appointment Booking Calendar SystemCWE-200	7.5	-	2022-04-04
CVE-2022-0537	MapPress Maps for WordPress < 2.73.13 - Admin+ File Upload to Remote Code Execution — MapPress Maps for WordPressCWE-434	7.2	-	2022-04-04
CVE-2022-0431	Google Pagespeed Insights < 4.0.4 - Reflected Cross-Site Scripting — Insights from Google PageSpeedCWE-79	6.1	-	2022-04-04
CVE-2022-0404	Material Design for Contact Form 7 <= 2.6.4 - Subscriber+ Arbitrary Settings Update leading to DoS — Material Design for Contact Form 7	6.5	-	2022-04-04
CVE-2022-0403	Library File Manager < 5.2.3 - Subscriber+ Arbitrary File Creation/Upload/Deletion — Library File ManagerCWE-434	8.1	-	2022-04-04
CVE-2021-25113	Dropdown Menu Widget <= 1.9.7 - Subscriber+ Arbitrary Settings Update to Stored XSS — Dropdown Menu WidgetCWE-79	5.4	-	2022-04-04
CVE-2021-25048	KingComposer <= 2.9.6 - Subscriber+ Stored Cross-Site Scripting — Page Builder: KingComposer – Free Drag and Drop page builder by King-ThemeCWE-79	5.4	-	2022-04-04

This page lists every published CVE security advisory associated with Unknown. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.

Goal Reached Thanks to every supporter — we hit 100%!

Unknown — Vulnerabilities & Security Advisories 4139