Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Unknown — Vulnerabilities & Security Advisories 4139

Browse all 4139 CVE security advisories affecting Unknown. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by Unknown:Contest GalleryDownload ManagerTutor LMS – eLearning and online course solutionEventONModern Events Calendar Litewp-eMemberAI ChatBotElementor Website BuilderNinja Forms Contact Form – The Drag and Drop Form Builder for WordPressWelcart e-CommerceLogo SliderForm Maker by 10WebBooster for WooCommerceYi Technologywp-cart-for-digital-productswp-affiliate-platformPhoto Gallery by 10WebMapPress Maps for WordPressEventPrimePopup boxWPQA BuilderWP MultiTaskingPhoto Gallery by 10Web – Mobile-Friendly Image GallerySalon booking systemSimple Download MonitorAutoptimizeVikBooking Hotel Booking Engine & PMSLearnPressNewsletter PopupNinja Forms
CVE IDTitleCVSSSeverityPublished
CVE-2021-24965 Five Star Restaurant Reservations < 2.4.8 - Subscriber+ Stored Cross-Site Scripting — Five Star Restaurant Reservations – WordPress Booking PluginCWE-79 5.4 -2022-01-24
CVE-2021-24936 WP Extra File Types < 0.5.1 - CSRF to Stored Cross-Site Scripting — WP Extra File TypesCWE-352 8.2 -2022-01-24
CVE-2021-24923 Newsletter, SMTP, Email marketing and Subscribe forms by Sendinblue < 3.1.25 - Reflected XSS — Newsletter, SMTP, Email marketing and Subscribe forms by SendinblueCWE-79 6.1 -2022-01-24
CVE-2021-24906 Protect WP Admin < 3.6.2 - Unauthenticated Plugin Deactivation — Protect WP AdminCWE-862 7.5 -2022-01-24
CVE-2021-24865 Advanced Custom Fields: Extended < 0.8.8.7 - Admin+ SQL Injection — Advanced Custom Fields: ExtendedCWE-89 7.2 -2022-01-24
CVE-2021-24858 WP Cookie User Info < 1.0.9 - Admin+ SQL Injection — Cookie Notification Plugin for WordPress – WP Cookie User InfoCWE-89 7.2 -2022-01-24
CVE-2021-24733 WP Post Page Clone < 1.2 - Unauthorised Post Access — WP Post Page CloneCWE-863 4.3 -2022-01-24
CVE-2021-24696 Simple Download Monitor < 3.9.9 - Multiple CSRF — Simple Download MonitorCWE-352 8.8 -2022-01-24
CVE-2021-24694 Simple Download Monitor < 3.9.11 - Contributor+ Stored Cross-Site Scripting via Shortcodes — Simple Download MonitorCWE-79 5.4 -2022-01-24
CVE-2021-24423 UpdraftPlus < 1.16.59 - Admin+ Stored Cross-Site Scripting — UpdraftPlus WordPress Backup PluginCWE-79 4.8 -2022-01-24
CVE-2021-25067 Landing Page Builder < 1.4.9.6 - Authenticated Reflected Cross-Site Scripting (XSS) — Landing Page Builder – Lead Page – Optin Page – Squeeze Page – WordPress Landing PagesCWE-79 5.4 -2022-01-17
CVE-2021-25065 Smash Balloon Social Post Feed < 4.1.1 - Authenticated Reflected Cross-Site Scripting (XSS) — Smash Balloon Social Post FeedCWE-79 5.4 -2022-01-17
CVE-2021-25061 WP Booking System – Booking Calendar < 2.0.15 - Authenticated Reflected Cross-Site Scripting (XSS) — WP Booking System – Booking CalendarCWE-79 5.4 -2022-01-17
CVE-2021-25046 Modern Events Calendar Lite < 6.2.0 - Subscriber+ Category Add Leading to Stored XSS — Modern Events Calendar LiteCWE-79 5.4 -2022-01-17
CVE-2021-25037 All In One SEO < 4.1.5.3 - Authenticated SQL Injection — All in One SEO – Best WordPress SEO Plugin – Easily Improve SEO Rankings & Increase TrafficCWE-89 6.5 -2022-01-17
CVE-2021-25036 All In One SEO < 4.1.5.3 - Authenticated Privilege Escalation — All in One SEO – Best WordPress SEO Plugin – Easily Improve SEO Rankings & Increase TrafficCWE-287 8.8 -2022-01-17
CVE-2021-25024 Event Calendar < 1.1.51 - Reflected Cross-Site Scripting — EventCalendarCWE-79 6.1 -2022-01-17
CVE-2021-25005 SEUR Oficial < 1.7.0 - Admin+ Stored Cross-Site Scripting — SEUR OficialCWE-79 4.8 -2022-01-17
CVE-2021-24909 ACF Photo Gallery Field < 1.7.5 - Reflected Cross-Site Scripting — ACF Photo Gallery FieldCWE-79 6.1 -2022-01-17
CVE-2021-24838 AnyComment < 0.3.5 - Open Redirect — AnyCommentCWE-601 6.1 -2022-01-17
CVE-2021-25025 Event Calendar < 1.1.51 - Subscriber+ Event Creation — EventCalendarCWE-352 4.3 -2022-01-17
CVE-2021-25054 WPcalc <= 2.1 - Authenticated SQL Injection — WPcalc – create any online calculatorsCWE-89 7.2 -2022-01-10
CVE-2021-25052 Button Generator < 2.3.3 - RFI leading to RCE via CSRF — Button Generator – easily Button BuilderCWE-352 8.8 -2022-01-10
CVE-2021-25053 WP Coder < 2.5.2 - RFI leading to RCE via CSRF — WP Coder – add custom html, css and js codeCWE-352 8.8 -2022-01-10
CVE-2021-25051 Modal Window < 5.2.2 - RFI leading to RCE via CSRF — Modal Window – create popup modal windowCWE-352 8.8 -2022-01-10
CVE-2021-25047 10Web Social Photo Feed < 1.4.29 - Reflected Cross-Site Scripting (XSS) — 10Web Social Photo FeedCWE-79 6.1 -2022-01-10
CVE-2021-25043 WOOCS < 1.3.7.3 - Reflected Cross-Site Scripting — WOOCS – Currency Switcher for WooCommerce. Professional and Free multi currency plugin – Pay in selected currencyCWE-79 6.1 -2022-01-10
CVE-2021-24948 The Plus Addons for Elementor Pro < 5.0.7 - Sensitive Data Disclosure — The Plus Addons for Elementor - ProCWE-200 7.5 -2022-01-10
CVE-2021-24949 The Plus Addons for Elementor Pro < 5.0.7 - Unauthenticated SQL Injection — The Plus Addons for Elementor - ProCWE-89 7.2 -2022-01-10
CVE-2021-24862 RegistrationMagic < 5.0.1.6 - Admin+ SQL Injection — RegistrationMagic – Custom Registration Forms, User Registration and User Login PluginCWE-89 7.2 -2022-01-10

This page lists every published CVE security advisory associated with Unknown. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.