Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Unknown — Vulnerabilities & Security Advisories 4139

Browse all 4139 CVE security advisories affecting Unknown. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by Unknown:Contest GalleryDownload ManagerTutor LMS – eLearning and online course solutionEventONModern Events Calendar Litewp-eMemberAI ChatBotElementor Website BuilderNinja Forms Contact Form – The Drag and Drop Form Builder for WordPressWelcart e-CommerceLogo SliderForm Maker by 10WebBooster for WooCommerceYi Technologywp-cart-for-digital-productswp-affiliate-platformPhoto Gallery by 10WebMapPress Maps for WordPressEventPrimePopup boxWPQA BuilderWP MultiTaskingPhoto Gallery by 10Web – Mobile-Friendly Image GallerySalon booking systemSimple Download MonitorAutoptimizeVikBooking Hotel Booking Engine & PMSLearnPressNewsletter PopupNinja Forms
CVE IDTitleCVSSSeverityPublished
CVE-2021-25032 PublishPress Capabilities < 2.3.1 - Unauthenticated Arbitrary Options Update to Blog Compromise — PublishPress Capabilities – User Role Access, Editor Permissions, Admin MenusCWE-352 9.8 -2022-01-10
CVE-2021-25040 Booking Calendar < 8.9.2 - Reflected Cross-Site Scripting — Booking CalendarCWE-79 6.1 -2022-01-03
CVE-2021-25030 Events Made Easy < 2.2.36 - Subscriber+ SQL Injection — Events Made EasyCWE-89 8.8 -2022-01-03
CVE-2021-25027 PowerPack Addons for Elementor < 2.6.2 - Reflected Cross-Site Scripting — PowerPack Addons for ElementorCWE-79 6.1 -2022-01-03
CVE-2021-25022 UpdraftPlus < 1.16.66 - Reflected Cross-Site Scripting — UpdraftPlus WordPress Backup PluginCWE-79 6.1 -2022-01-03
CVE-2021-25023 Speed Booster Pack < 4.3.3.1 - Admin+ SQL Injection — Speed Booster Pack ⚡ PageSpeed Optimization SuiteCWE-89 7.2 -2022-01-03
CVE-2021-25021 OMGF < 4.5.12 - Admin+ Arbitrary Folder Deletion via Path Traversal — OMGF | Host Google Fonts LocallyCWE-22 4.9 -2022-01-03
CVE-2021-25020 CAOS < 4.1.9 - Admin+ Arbitrary Folder Deletion via Path Traversal — CAOS | Host Google Analytics LocallyCWE-22 4.9 -2022-01-03
CVE-2021-25001 Booster for WooCommerce < 5.4.9 - Reflected Cross-Site Scripting in Product XML Feeds Module — Booster for WooCommerceCWE-79 6.1 -2022-01-03
CVE-2021-25016 Chaty < 2.8.3 - Reflected Cross-Site Scripting — Floating Chat Widget: Contact Icons, Messages, Telegram, Email, SMS, Call Button – ChatyCWE-79 6.1 -2022-01-03
CVE-2021-25000 Booster for WooCommerce < 5.4.9 - Reflected Cross-Site Scripting in General Module — Booster for WooCommerceCWE-79 6.1 -2022-01-03
CVE-2021-24991 WooCommerce PDF Invoices & Packing Slips < 2.10.5 - Reflected Cross-Site Scripting — WooCommerce PDF Invoices & Packing SlipsCWE-79 6.1 -2022-01-03
CVE-2021-24999 Booster for Woocommerce < 5.4.9 - Reflected Cross-Site Scripting in PDF Invoicing Module — Booster for WooCommerceCWE-79 6.1 -2022-01-03
CVE-2021-24973 Site Reviews < 5.17.3 - Unauthenticated Stored Cross-Site Scripting — Site ReviewsCWE-79 6.1 -2022-01-03
CVE-2021-24964 LiteSpeed Cache < 4.4.4 - IP Check Bypass to Unauthenticated Stored XSS — LiteSpeed CacheCWE-79 6.1 -2022-01-03
CVE-2021-24963 LiteSpeed Cache < 4.4.4 - Admin+ Reflected Cross-Site Scripting — LiteSpeed CacheCWE-79 6.1 -2022-01-03
CVE-2021-24893 Stars Rating < 3.5.1 - Comments Denial of Service — Stars RatingCWE-400 8.2 -2022-01-03
CVE-2021-24831 Tab - Accordion, FAQ < 1.3.2 - Unauthenticated AJAX Calls — Tab – Accordion, FAQCWE-862 7.5 -2022-01-03
CVE-2021-24828 Mortgage Calculator / Loan Calculator < 1.5.17 - Contributor+ Stored Cross-Site Scripting — Mortgage Calculator / Loan CalculatorCWE-79 5.4 -2022-01-03
CVE-2021-24786 Download Monitor < 4.4.5 - Admin+ SQL Injection — Download MonitorCWE-89 7.2 -2022-01-03
CVE-2021-24680 WP Travel Engine < 5.3.1 - Editor+ Stored Cross-Site Scripting — WP Travel Engine – Travel and Tour Booking PluginCWE-79 5.4 -2022-01-03
CVE-2021-24997 WP Guppy < 1.3 - Sensitive Information Disclosure — WP GuppyCWE-862 6.5 -2021-12-27
CVE-2021-24998 Simple JWT Login < 3.3.0 - Insecure Password Creation — Simple JWT Login 9.8 -2021-12-27
CVE-2021-24992 Buttonizer - Smart Floating Action Button < 2.5.5 - Admin+ Stored Cross-Site Scripting — Smart Floating / Sticky Buttons – Call, Sharing, Chat Widgets & More – ButtonizerCWE-79 4.8 -2021-12-27
CVE-2021-24984 WPFront User Role Editor < 3.2.1.11184 - Reflected Cross-Site Scripting — WPFront User Role EditorCWE-79 6.1 -2021-12-27
CVE-2021-24988 WP RSS Aggregator < 4.19.3 - Subscriber+ Stored Cross-Site Scripting — WP RSS Aggregator – News Feeds, Autoblogging, Youtube Video Feeds and MoreCWE-79 5.4 -2021-12-27
CVE-2021-24980 Gwolle Guestbook < 4.2.0 - Reflected Cross-Site Scripting — Gwolle GuestbookCWE-79 6.1 -2021-12-27
CVE-2021-24979 Paid Memberships Pro < 2.6.6 - Reflected Cross-Site Scripting — Paid Memberships ProCWE-79 6.1 -2021-12-27
CVE-2021-24967 Contact Form & Lead Form Elementor Builder < 1.6.4 - Unauthenticated Stored Cross-Site Scripting — Contact Form & Lead Form Elementor BuilderCWE-79 6.1 -2021-12-27
CVE-2021-24969 Download Manager < 3.2.22 - Subscriber+ Stored Cross-Site Scripting — WordPress Download ManagerCWE-79 5.4 -2021-12-27

This page lists every published CVE security advisory associated with Unknown. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.