Unknown — Vulnerabilities & Security Advisories 4138

Browse all 4138 CVE security advisories affecting Unknown. AI-powered Chinese analysis, POCs, and references for each vulnerability.

CVE ID	Title	CVSS	Severity	Published
CVE-2021-24848	Mediamatic < 2.8.1 - Subscriber+ SQL Injection — Mediamatic – Media Library FoldersCWE-89	8.8	-	2021-12-13
CVE-2021-24845	Improved Include Page <= 1.2 - Contributor+ Arbitrary Posts/Pages Access — Improved Include PageCWE-284	6.5	-	2021-12-13
CVE-2021-24836	Temporary Login Without Password < 1.7.1 - Subscriber+ Plugin's Settings Update — Temporary Login Without PasswordCWE-862	4.3	-	2021-12-13
CVE-2021-24819	Page/Post Content Shortcode <= 1.0 - Contributor+ Arbitrary Posts/Pages Access — Page/Post Content ShortcodeCWE-863	4.3	-	2021-12-13
CVE-2021-24818	WP Limits <= 1.0 - Plugin's Settings Update via CSRF — Wp LimitsCWE-352	4.3	-	2021-12-13
CVE-2021-24817	Ultimate NoFollow <= 1.4.8 - Contributor+ Stored Cross-Site Scripting — Ultimate NofollowCWE-79	5.4	-	2021-12-13
CVE-2021-24795	Filter Portfolio Gallery <= 1.5 - Arbitrary Gallery Deletion via CSRF — Filter Portfolio GalleryCWE-352	6.5	-	2021-12-13
CVE-2021-24792	Shiny Buttons <= 1.1.0 - Unauthenticated Stored Cross-Site Scripting — Shiny Buttons – CSS3 Button Generator for WordPressCWE-79	5.4	-	2021-12-13
CVE-2021-24790	Contact Form Advanced Database <= 1.0.8 - Unauthorised AJAX Calls — Contact Form Advanced DatabaseCWE-862	4.3	-	2021-12-13
CVE-2021-24784	WP Admin Logo Changer <= 1.0 - Plugin's Settings Update via CSRF — WP Admin Logo ChangerCWE-352	6.5	-	2021-12-13
CVE-2021-24782	Flex Local Fonts <= 1.0.0 - Admin+ Stored Cross-Site-Scripting — Flex Local FontsCWE-79	4.8	-	2021-12-13
CVE-2021-24780	Single Post Exporter <= 1.1.1 - Plugin's Settings Update via CSRF — Single Post ExporterCWE-352	4.3	-	2021-12-13
CVE-2021-24771	Inspirational Quote Rotator <= 1.0.0 - Admin+ Stored Cross-Site Scripting — Inspirational Quote RotatorCWE-79	4.8	-	2021-12-13
CVE-2021-24756	WP System Log < 1.0.21 - Unauthenticated Stored Cross-Site Scripting — WP System LogCWE-79	6.1	-	2021-12-13
CVE-2021-24747	SEO Booster < 3.8 - Admin+ SQL Injection — SEO BoosterCWE-89	7.2	-	2021-12-13
CVE-2021-24705	NEX-Forms < 8.4.3 - Stored Cross-Site Scripting via CSRF — NEX-Forms	6.1	-	2021-12-13
CVE-2021-25041	Photo Gallery by 10Web < 1.5.68 - Reflected Cross-Site Scripting (XSS) — Photo Gallery by 10Web – Mobile-Friendly Image GalleryCWE-79	6.1	-	2021-12-06
CVE-2021-24943	Registrations for the Events Calendar < 2.7.6 - Unauthenticated SQL Injection — Registrations for the Events Calendar – Event Registration PluginCWE-89	9.8	-	2021-12-06
CVE-2021-24939	LoginWP < 3.0.0.5 - Reflected Cross-Site Scripting — LoginWP (Formerly Peter's Login Redirect)CWE-79	6.1	-	2021-12-06
CVE-2021-24938	WooCommerce Currency Switcher < 1.3.7.1 - Reflected Cross-Site Scripting — WOOCS – Currency Switcher for WooCommerce. Professional and Free multi currency plugin – Pay in selected currencyCWE-79	5.4	-	2021-12-06
CVE-2021-24935	WP Google Fonts < 3.1.5 - Reflected Cross-Site Scripting — WP Google FontsCWE-79	6.1	-	2021-12-06
CVE-2021-24931	Secure Copy Content Protection and Content Locking < 2.8.2 - Unauthenticated SQL Injection — Secure Copy Content Protection and Content LockingCWE-89	9.8	-	2021-12-06
CVE-2021-24930	Bookly < 20.3.1 - Staff Member Stored Cross-Site Scripting — WordPress Online Booking and Scheduling Plugin – BooklyCWE-79	5.4	-	2021-12-06
CVE-2021-24924	Email Log < 2.4.8 - Reflected Cross-Site Scripting — Email LogCWE-79	6.1	-	2021-12-06
CVE-2021-24917	WPS Hide Login < 1.9.1 - Protection Bypass with Referer-Header — WPS Hide LoginCWE-863	7.5	-	2021-12-06
CVE-2021-24914	Tawk.to Live Chat < 0.6.0 - Subscriber+ Visitor Monitoring & Chat Removal — Tawk.To Live ChatCWE-862	7.3	-	2021-12-06
CVE-2021-24866	WP Data Access < 5.0.0 - Admin+ SQL Injection — WP Data AccessCWE-89	9.8	-	2021-12-06
CVE-2021-24759	PDF.js Viewer < 2.0.2 - Contributor+ Stored Cross-Site Scripting — PDF.js ViewerCWE-79	5.4	-	2021-12-06
CVE-2021-24718	ARForms Form Builder < 1.5 - Admin+ Stored Cross Site Scripting — Contact Form, Survey & Popup Form Plugin for WordPress – ARForms Form BuilderCWE-79	4.8	-	2021-12-06
CVE-2021-24714	WP All Import < 3.6.3 - Admin+ Stored Cross-Site Scripting — Import any XML or CSV File to WordPressCWE-79	4.8	-	2021-12-06

This page lists every published CVE security advisory associated with Unknown. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.

Goal Reached Thanks to every supporter — we hit 100%!

Unknown — Vulnerabilities & Security Advisories 4138