Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Unknown — Vulnerabilities & Security Advisories 4139

Browse all 4139 CVE security advisories affecting Unknown. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by Unknown:Contest GalleryDownload ManagerTutor LMS – eLearning and online course solutionEventONModern Events Calendar Litewp-eMemberAI ChatBotElementor Website BuilderNinja Forms Contact Form – The Drag and Drop Form Builder for WordPressWelcart e-CommerceLogo SliderForm Maker by 10WebBooster for WooCommerceYi Technologywp-cart-for-digital-productswp-affiliate-platformPhoto Gallery by 10WebMapPress Maps for WordPressEventPrimePopup boxWPQA BuilderWP MultiTaskingPhoto Gallery by 10Web – Mobile-Friendly Image GallerySalon booking systemSimple Download MonitorAutoptimizeVikBooking Hotel Booking Engine & PMSLearnPressNewsletter PopupNinja Forms
CVE IDTitleCVSSSeverityPublished
CVE-2022-0846 SpeakOut! Email Petitions < 2.14.15.1 - Unauthenticated SQLi — SpeakOut! Email PetitionsCWE-89 9.8 -2022-03-28
CVE-2022-0833 Church Admin < 3.4.135 - Unauthenticated Plugin's Backup Disclosure — Church Admin 4.3 -2022-03-28
CVE-2022-0818 Coupon Affiliates < 4.16.4.5 - Unauthenticated Stored XSS — WooCommerce Affiliate Plugin – Coupon AffiliatesCWE-79 6.1 -2022-03-28
CVE-2022-0787 Limit Login Attempts (Spam Protection) < 5.1 - Unauthenticated SQLi — Limit Login Attempts (Spam Protection)CWE-89 9.8 -2022-03-28
CVE-2022-0784 Title Experiments Free < 9.0.1 - Unauthenticated SQLi — Title Experiments FreeCWE-89 9.8 -2022-03-28
CVE-2022-0770 Translate WordPress with GTranslate < 2.9.9 - CSRF to Account Takeover — Translate WordPress with GTranslateCWE-352 8.1 -2022-03-28
CVE-2022-0720 Amelia < 1.0.47 - Customer+ Arbitrary Appointments Update and Sensitive Data Disclosure — Amelia – Events & Appointments Booking CalendarCWE-863 5.4 -2022-03-28
CVE-2022-0680 Plezi < 1.0.3 - Unauthenticated Stored XSS — PleziCWE-79 6.1 -2022-03-28
CVE-2022-0679 Narnoo Distributor <= 2.5.1 - Unauthenticated LFI to Arbitrary File Read / RCE — Narnoo DistributorCWE-22 9.8 -2022-03-28
CVE-2022-0647 Bulk Creator <= 1.0.1 - Reflected Cross-Site Scripting — Bulk CreatorCWE-79 6.1 -2022-03-28
CVE-2022-0643 Bank Mellat <= 1.3.7 - Reflected Cross-Site Scripting — Bank MellatCWE-79 6.1 -2022-03-28
CVE-2022-0641 Popup Like box < 3.6.1 - Reflected Cross-Site Scripting — Popup Like box – Page PluginCWE-79 6.1 -2022-03-28
CVE-2022-0621 dTabs <= 1.4 - Reflected Cross-Site Scripting — dTabsCWE-79 6.1 -2022-03-28
CVE-2022-0620 Delete Old Orders <= 0.2 - Reflected Cross-Site Scripting — Delete Old OrdersCWE-79 6.1 -2022-03-28
CVE-2022-0619 Database Peek <= 1.2 - Reflected Cross-Site Scripting — Database PeekCWE-79 6.1 -2022-03-28
CVE-2022-0600 Conference Scheduler < 2.4.3 - Reflected Cross-Site Scripting — Conference SchedulerCWE-79 6.1 -2022-03-28
CVE-2022-0599 Mapping Multiple URLs Redirect Same Page <= 5.8 - Reflected Cross-Site Scripting — Mapping multiple URLs redirect same pageCWE-79 6.1 -2022-03-28
CVE-2022-0595 Drag and Drop Multiple File Upload - Contact Form 7 < 1.3.6.3 - Unauthenticated Stored XSS — Drag and Drop Multiple File Upload – Contact Form 7CWE-79 5.4 -2022-03-28
CVE-2022-0499 Sermon Browser <= 0.45.22 - Arbitrary File Upload via CSRF — Sermon BrowserCWE-434 8.8 -2022-03-28
CVE-2022-0493 String Locator < 2.5.0 - Admin+ Arbitrary File Read — String locatorCWE-22 4.9 -2022-03-28
CVE-2022-0479 Popup Builder < 4.1.1 - SQL Injection to Reflected Cross-Site Scripting — Popup Builder – Create highly converting, mobile friendly marketing popups.CWE-89 9.8 -2022-03-28
CVE-2022-0450 Menu Image, Icons made easy < 3.0.8 - Subscriber+ Stored Cross-Site Scripting — Menu Image, Icons made easy 5.4 -2022-03-28
CVE-2022-0397 WPC Smart Wishlist for WooCommerce < 2.9.4 - Reflected Cross-Site Scripting — WPC Smart Wishlist for WooCommerceCWE-79 5.4 -2022-03-28
CVE-2022-0388 Interactive Medical Drawing of Human Body < 2.6 - Admin+ Stored XSS — Interactive Medical Drawing of Human BodyCWE-79 4.8 -2022-03-28
CVE-2021-25071 Akismet Privacy Policies <= 2.0.1 - Reflected Cross-Site Scripting — Akismet Privacy PoliciesCWE-79 6.1 -2022-03-28
CVE-2021-25070 WP Block and Stop Bad Bots < 6.88 - Unauthenticated SQLi — Block Bad Bots and Stop Bad Bots Crawlers and Spiders and Anti Spam ProtectionCWE-89 9.1 -2022-03-28
CVE-2021-25068 Sync WooCommerce Product feed to Google Shopping <= 1.2.4 - Admin+ SQLi — Sync WooCommerce Product feed to Google ShoppingCWE-89 7.2 -2022-03-28
CVE-2021-25064 Wow Countdowns <= 3.1.2 - Admin+ SQLi — Wow Countdowns – easily create any countdowns, counters and timersCWE-89 7.2 -2022-03-28
CVE-2021-25012 Pz-LinkCard <= 2.4.4.4 - Reflected Cross-Site Scripting — Pz-LinkCardCWE-79 6.1 -2022-03-28
CVE-2021-24978 OSMapper <= 2.1.5 - Unauthenticated Arbitrary Post Deletion — OSMapperCWE-862 7.5 -2022-03-28

This page lists every published CVE security advisory associated with Unknown. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.