Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Unknown — Vulnerabilities & Security Advisories 4138

Browse all 4138 CVE security advisories affecting Unknown. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by Unknown:Contest GalleryDownload ManagerTutor LMS – eLearning and online course solutionEventONModern Events Calendar Litewp-eMemberAI ChatBotElementor Website BuilderNinja Forms Contact Form – The Drag and Drop Form Builder for WordPressWelcart e-CommerceLogo SliderForm Maker by 10WebBooster for WooCommerceYi Technologywp-cart-for-digital-productswp-affiliate-platformPhoto Gallery by 10WebMapPress Maps for WordPressEventPrimePopup boxWPQA BuilderWP MultiTaskingPhoto Gallery by 10Web – Mobile-Friendly Image GallerySalon booking systemSimple Download MonitorAutoptimizeVikBooking Hotel Booking Engine & PMSLearnPressNewsletter PopupNinja Forms
CVE IDTitleCVSSSeverityPublished
CVE-2015-20106 ClickBank Affiliate Ads <= 1.20 - Admin+ Stored Cross-Site Scripting — ClickBank Affiliate AdsCWE-79 4.8 -2021-12-02
CVE-2015-20105 ClickBank Affiliate Ads <= 1.20 - CSRF to Stored Cross-Site Scripting — ClickBank Affiliate AdsCWE-79 6.1 -2021-12-02
CVE-2020-35037 Events Manager < 5.9.8 - Cross-Site Scripting (XSS) — Events ManagerCWE-79 6.1 -2021-12-01
CVE-2020-35012 Events Manager < 5.9.8 - Admin+ SQL Injection — Events ManagerCWE-89 7.2 -2021-12-01
CVE-2021-24927 My Calendar < 3.2.18 - Subscriber+ Reflected Cross-Site Scripting — My CalendarCWE-79 5.4 -2021-11-29
CVE-2021-24918 Smash Balloon Social Post Feed < 4.0.1 - Subscriber+ Arbitrary Plugin Settings Update to Stored XSS — Smash Balloon Social Post FeedCWE-79 5.4 -2021-11-29
CVE-2021-24915 Contest Gallery < 13.1.0.6 - Missing Access Controls to Unauthenticated SQL injection / Email Address Disclosure — Contest Gallery – Photo Contest Plugin for WordPressCWE-89 9.1 -2021-11-29
CVE-2021-24908 Check & Log Email < 1.0.4 - Reflected Cross-Site Scripting — Check & Log EmailCWE-79 6.1 -2021-11-29
CVE-2021-24899 Media-Tags <= 3.2.0.2 - Admin+ Stored Cross-Site Scripting — Media TagsCWE-79 4.8 -2021-11-29
CVE-2021-24889 Ninja Forms < 3.6.4 - Admin+ SQL Injection — Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPressCWE-89 7.2 -2021-11-29
CVE-2021-24883 Popup Anything < 2.0.4 - Contributor+ Stored Cross-Site Scripting — Popup Anything – A Marketing PopupCWE-79 5.4 -2021-11-29
CVE-2021-24876 Registrations for The Events Calendar < 2.7.5 - Reflected Cross-Site Scripting — Registrations for the Events Calendar – Event Registration PluginCWE-79 6.1 -2021-11-29
CVE-2021-24860 BSK PDF Manager < 3.1.2 - Admin+ SQL Injection — BSK PDF ManagerCWE-89 7.2 -2021-11-29
CVE-2021-24842 Bulk Datetime Change < 1.12 - Missing Authorisation — Bulk Datetime ChangeCWE-862 5.4 -2021-11-29
CVE-2021-24822 Stylish Cost Calculator < 7.04 - Subscriber+ Unauthorised AJAX Calls to Stored XSS — Stylish Cost CalculatorCWE-79 5.4 -2021-11-29
CVE-2021-24811 Shop Page WP < 1.2.8 - Admin+ Stored Cross-Site Scripting — Shop Page WPCWE-79 4.8 -2021-11-29
CVE-2021-24768 WP RSS Aggregator < 4.19.2 - Admin+ Stored Cross-Site Scripting — WP RSS Aggregator – News Feeds, Autoblogging, Youtube Video Feeds and MoreCWE-79 4.8 -2021-11-29
CVE-2021-24755 myCred < 2.3 - Subscriber+ SQL Injection — myCred – Points, Rewards, Gamification, Ranks, Badges & Loyalty PluginCWE-89 8.8 -2021-11-29
CVE-2021-24751 GenerateBlocks < 1.4.0 - Contributor+ Stored Cross-Site Scripting — GenerateBlocksCWE-79 5.4 -2021-11-29
CVE-2021-24749 URL Shortify < 1.5.1 - Arbitrary Link/Group Deletion via CSRF — URL Shortify – Simple, Powerful and Easy URL Shortener Plugin For WordPressCWE-352 6.5 -2021-11-29
CVE-2021-24748 Email Before Download < 6.8 - Admin+ SQL Injection — Email Before DownloadCWE-89 8.8 -2021-11-29
CVE-2021-24745 About Author Box < 1.0.2 - Contributor+ Stored Cross-Site Scripting — About Author BoxCWE-79 5.4 -2021-11-29
CVE-2017-20008 myCRED < 1.7.8 - Reflected Cross-Site Scripting — myCred – Points, Rewards, Gamification, Ranks, Badges & Loyalty PluginCWE-79 6.1 -2021-11-29
CVE-2021-24894 Reviews Plus < 1.2.14 - Subscriber+ Reviews DoS — Reviews PlusCWE-191 6.5 -2021-11-23
CVE-2021-24891 Elementor < 3.4.8 - DOM Cross-Site-Scripting — Elementor Website BuilderCWE-79 6.1 -2021-11-23
CVE-2021-24888 ImageBoss < 3.0.6 - Admin+ Stored Cross-Site Scripting — ImageBoss – Images Up To 60% Smaller & CDNCWE-79 4.8 -2021-11-23
CVE-2021-24882 Slideshow Gallery < 1.7.4 - Admin+ Stored Cross-Site Scripting — Slideshow GalleryCWE-79 4.8 -2021-11-23
CVE-2021-24877 MainWP Child < 4.1.8 - Admin+ SQL Injection — MainWP Child - Securely connects sites to the MainWP WordPress Manager DashboardCWE-89 7.2 -2021-11-23
CVE-2021-24875 eCommerce Product Catalog for WordPress < 3.0.39 - Reflected Cross-Site Scripting — eCommerce Product Catalog Plugin for WordPressCWE-79 6.1 -2021-11-23
CVE-2021-24873 Tutor LMS < 1.9.11 - Reflected Cross-Site Scripting — Tutor LMS – eLearning and online course solutionCWE-79 6.1 -2021-11-23

This page lists every published CVE security advisory associated with Unknown. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.