Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Unknown — Vulnerabilities & Security Advisories 4139

Browse all 4139 CVE security advisories affecting Unknown. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by Unknown:Contest GalleryDownload ManagerTutor LMS – eLearning and online course solutionEventONModern Events Calendar Litewp-eMemberAI ChatBotElementor Website BuilderNinja Forms Contact Form – The Drag and Drop Form Builder for WordPressWelcart e-CommerceLogo SliderForm Maker by 10WebBooster for WooCommerceYi Technologywp-cart-for-digital-productswp-affiliate-platformPhoto Gallery by 10WebMapPress Maps for WordPressEventPrimePopup boxWPQA BuilderWP MultiTaskingPhoto Gallery by 10Web – Mobile-Friendly Image GallerySalon booking systemSimple Download MonitorAutoptimizeVikBooking Hotel Booking Engine & PMSLearnPressNewsletter PopupNinja Forms
CVE IDTitleCVSSSeverityPublished
CVE-2022-0535 E2Pdf < 1.16.45 - Admin+ Stored Cross-Site Scripting (XSS) — E2Pdf – Export To Pdf Tool for WordPressCWE-79 4.8 -2022-03-07
CVE-2022-0533 Ditty (formerly Ditty News Ticker) < 3.0.15 - Reflected Cross-Site Scripting (XSS) — Ditty (formerly Ditty News Ticker)CWE-79 6.1 -2022-03-07
CVE-2022-0448 CP Blocks < 1.0.15 - Admin+ Stored Cross-Site Scripting — CP BlocksCWE-79 4.8 -2022-03-07
CVE-2022-0445 WordPress Real Cookie Banner < 2.14.2 - Settings Reset via CSRF — WordPress Real Cookie Banner: GDPR (DSGVO) & ePrivacy Cookie ConsentCWE-352 6.5 -2022-03-07
CVE-2022-0442 UsersWP < 1.2.3.1 - Subscriber+ User Avatar Override — UsersWP – User Registration & User ProfileCWE-639 4.3 -2022-03-07
CVE-2022-0441 MasterStudy LMS < 2.7.6 - Unauthenticated Admin Account Creation — MasterStudy LMS – WordPress LMS PluginCWE-269 9.8 -2022-03-07
CVE-2022-0440 Catch Themes Demo Import < 2.1.1 - Admin+ Remote Code Execution — Catch Themes Demo ImportCWE-434 7.2 -2022-03-07
CVE-2022-0439 Email Subscribers & Newsletters < 5.3.2 - Subscriber+ Blind SQL injection — Email Subscribers & Newsletters 8.0 -2022-03-07
CVE-2022-0434 Page Views Count < 2.4.15 - Unauthenticated SQL Injection — Page View CountCWE-89 9.8 -2022-03-07
CVE-2022-0429 WP Cerber Security, Anti-spam & Malware Scan < 8.9.6 - Unauthenticated Stored Cross-Site Scripting — WP Cerber Security, Anti-spam & Malware ScanCWE-79 6.1 -2022-03-07
CVE-2022-0426 Product Feed PRO for WooCommerce < 11.2.3 - Reflected Cross-Site Scripting — Product Feed PRO for WooCommerceCWE-79 5.4 -2022-03-07
CVE-2022-0422 White Label MS < 2.2.9 - Reflected Cross-Site Scripting — White Label CMSCWE-79 6.1 -2022-03-07
CVE-2022-0420 RegistrationMagic < 5.0.2.2 - Admin+ SQL Injection — RegistrationMagic – Custom Registration Forms, User Registration and User Login PluginCWE-89 7.2 -2022-03-07
CVE-2022-0410 WP Visitor Statistics (Real Time Traffic) < 5.6 - Subscriber+ SQL Injection — WP Visitor Statistics (Real Time Traffic)CWE-89 8.8 -2022-03-07
CVE-2022-0389 WP Time Slots Booking Form < 1.1.63 - Admin+ Stored Cross-Site Scripting — WP Time Slots Booking FormCWE-79 4.8 -2022-03-07
CVE-2022-0384 Video Conferencing with Zoom < 3.8.17 - E-mail Address Disclosure — Video Conferencing with ZoomCWE-200 4.3 -2022-03-07
CVE-2022-0349 NotificationX < 2.3.9 - Unauthenticated Blind SQL Injection — NotificationX – Best FOMO, Social Proof, WooCommerce Sales Popup & Notification Bar Plugin With ElementorCWE-89 9.8 -2022-03-07
CVE-2022-0347 LoginPress < 1.5.12 - Reflected Cross-Site Scripting — LoginPress | Custom Login Page CustomizerCWE-79 6.1 -2022-03-07
CVE-2022-0267 AdRotate < 5.8.22 - Admin+ SQL Injection — AdRotate – Ad manager & AdSense AdsCWE-89 7.2 -2022-03-07
CVE-2022-0205 YOP Poll < 6.3.5 - Author+ Stored Cross-Site Scripting — YOP PollCWE-79 5.4 -2022-03-07
CVE-2022-0163 Smart Forms < 2.6.71 - Subscriber+ Form Data Download — Smart Forms – when you need more than just a contact formCWE-862 6.5 -2022-03-07
CVE-2021-25098 Easy Pricing Tables < 3.1.3 - Arbitrary Post Removal via CSRF — Pricing Tables WordPress Plugin – Easy Pricing TablesCWE-352 6.5 -2022-03-07
CVE-2021-25087 Wordpress Download Manager < 3.2.25 - Sensitive Information Disclosure — Download ManagerCWE-862 7.5 -2022-03-07
CVE-2021-25039 Multisite Content Copier/Updater < 2.1.0 - Reflected Cross-Site Scripting — WordPress Multisite Content Copier/UpdaterCWE-79 6.1 -2022-03-07
CVE-2021-25038 Multisite User Sync/Unsync < 2.1.2 - Reflected Cross-Site Scripting — WordPress Multisite User Sync/UnsyncCWE-79 6.1 -2022-03-07
CVE-2021-25009 CorreosExpress <= 2.6.0 - Sensitive Information Disclosure — CorreosExpress – Shipping Management – TagsCWE-532 5.3 -2022-03-07
CVE-2021-24961 WordPress File Upload < 4.16.3 - Contributor+ Stored Cross-Site Scripting via Shortcode — WordPress File UploadCWE-79 5.4 -2022-03-07
CVE-2021-24960 WordPress File Upload < 4.16.3 - Contributor+ Stored Cross-Site Scripting via Malicious SVG — WordPress File UploadCWE-434 5.4 -2022-03-07
CVE-2021-24953 Advanced iFrame < 2022 - Reflected Cross-Site Scripting — Advanced iFrameCWE-79 6.1 -2022-03-07
CVE-2021-24952 Conversios.io < 4.6.2 - Subscriber+ SQL Injection — Conversios.io – Google Analytics and Google Shopping plugin for WooCommerceCWE-89 8.8 -2022-03-07

This page lists every published CVE security advisory associated with Unknown. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.