Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Unknown — Vulnerabilities & Security Advisories 4138

Browse all 4138 CVE security advisories affecting Unknown. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by Unknown:Contest GalleryDownload ManagerTutor LMS – eLearning and online course solutionEventONModern Events Calendar Litewp-eMemberAI ChatBotElementor Website BuilderNinja Forms Contact Form – The Drag and Drop Form Builder for WordPressWelcart e-CommerceLogo SliderForm Maker by 10WebBooster for WooCommerceYi Technologywp-cart-for-digital-productswp-affiliate-platformPhoto Gallery by 10WebMapPress Maps for WordPressEventPrimePopup boxWPQA BuilderWP MultiTaskingPhoto Gallery by 10Web – Mobile-Friendly Image GallerySalon booking systemSimple Download MonitorAutoptimizeVikBooking Hotel Booking Engine & PMSLearnPressNewsletter PopupNinja Forms
CVE IDTitleCVSSSeverityPublished
CVE-2021-24381 NinjaForms < 3.5.8.2 - Admin+ Stored Cross-Site Scripting — Ninja Forms Contact Form – The Drag and Drop Form Builder for WordPressCWE-79 4.8 -2021-10-25
CVE-2021-24760 Gutenberg PDF Viewer Block < 1.0.1 - Contributor+ Stored Cross-Site Scripting — Gutenberg PDF Viewer BlockCWE-79 5.4 -2021-10-18
CVE-2021-24754 MainWP Child Reports < 2.0.8 - Admin+ SQL Injection — MainWP Child ReportsCWE-89 7.2 -2021-10-18
CVE-2021-24743 Podcast Subscribe Buttons < 1.4.2 - Contributor+ Stored XSS — Podcast Subscribe ButtonsCWE-79 5.4 -2021-10-18
CVE-2021-24740 Tutor LMS < 1.9.9 - Multiple Admin+ Stored Cross-Site Scripting — Tutor LMS – eLearning and online course solutionCWE-79 4.8 -2021-10-18
CVE-2021-24736 Shared Files < 1.6.57 - Admin+ Stored Cross-Site Scripting — Easy Download Manager and File Sharing Plugin with frontend file upload – a better Media Library — Shared FilesCWE-79 5.4 -2021-10-18
CVE-2021-24735 Compact WP Audio Player < 1.9.7 - Setting Change via CSRF — Compact WP Audio PlayerCWE-352 6.5 -2021-10-18
CVE-2021-24734 Compact WP Audio Player < 1.9.7 - Contributor+ Stored Cross-Site Scripting — Compact WP Audio PlayerCWE-79 5.4 -2021-10-18
CVE-2021-24732 Dflip Lite < 1.7.10 - Contributor+ Stored Cross-Site Scripting — PDF Flipbook, 3D Flipbook WordPress – DearFlipCWE-79 5.4 -2021-10-18
CVE-2021-24702 LearnPress < 4.1.3.1 - Multiple Admin+ Stored Cross-Site Scripting — LearnPress – WordPress LMS PluginCWE-79 4.8 -2021-10-18
CVE-2021-24684 PDF Light Viewer < 1.4.12 - Authenticated Command Injection — WordPress PDF Light Viewer PluginCWE-78 8.8 -2021-10-18
CVE-2021-24677 Find My Blocks < 3.4.0 - Private Post Titles Disclosure — Find My BlocksCWE-862 5.3 -2021-10-18
CVE-2021-24675 One User Avatar < 2.3.7 - Avatar Update via CSRF — One User Avatar | User Profile PictureCWE-352 6.5 -2021-10-18
CVE-2021-24672 One User Avatar < 2.3.7 - Contributor+ Stored Cross-Site Scripting — One User Avatar | User Profile PictureCWE-79 5.4 -2021-10-18
CVE-2021-24642 Scroll Baner <= 1.0 - CSRF to RCE — Scroll BanerCWE-352 6.5 -2021-10-18
CVE-2021-24622 WP Ticket < 5.10.4 - Admin+ Stored Cross-Site Scripting — Customer Service Software & Support Ticket SystemCWE-79 4.8 -2021-10-18
CVE-2021-24617 GamePress <= 1.1.0 - Reflected Cross-Site Scripting — GamePress – The Game Database PluginCWE-79 6.1 -2021-10-18
CVE-2021-24615 Wechat Reward <= 1.7 - CSRF to Stored Cross-Site Scripting — 微信打赏(Wechat Reward)CWE-352 5.4 -2021-10-18
CVE-2021-24612 Sociable <= 4.3.4.1 - Admin+ Stored Cross-Site Scripting — SociableCWE-79 4.8 -2021-10-18
CVE-2021-24595 WP Cookie Choice <= 1.1.0 - CSRF to Stored Cross-Site Scripting — Wp Cookie ChoiceCWE-352 6.5 -2021-10-18
CVE-2021-24516 PlanSo Forms <= 2.6.3 - Authenticated Stored Cross-Site Scripting — PlanSo FormsCWE-79 4.8 -2021-10-18
CVE-2021-24416 StreamCast < 2.1.1 - Contributor+ Stored Cross-Site Scripting — StreamCast – Radio Player for WordPressCWE-79 5.4 -2021-10-18
CVE-2021-24415 Polo Video Gallery <= 1.2 - Contributor+ Stored Cross-Site Scripting — Polo Video Gallery – Best wordpress video gallery pluginCWE-79 5.4 -2021-10-18
CVE-2021-24413 Easy Twitter Feed < 1.2 - Contributor+ Stored Cross-Site Scripting — Easy Twitter FeedCWE-79 5.4 -2021-10-18
CVE-2021-24412 Html5 Audio Player < 2.1.3 - Contributor+ Stored Cross-Site Scripting — Html5 Audio Player – Audio Player for WordPressCWE-79 5.4 -2021-10-18
CVE-2021-24737 Comments - wpDiscuz <= 7.3.0 - Admin+ Stored Cross-Site Scripting — Comments – wpDiscuzCWE-79 4.8 -2021-10-11
CVE-2021-24720 GeoDirectory < 2.1.1.3 - Authenticated Stored Cross-Site Scripting (XSS) — Business Directory Plugin | GeoDirectoryCWE-79 5.4 -2021-10-11
CVE-2021-24719 Enfold Theme < 4.8.4 - Reflected Cross-Site Scripting (XSS) — EnfoldCWE-79 6.1 -2021-10-11
CVE-2021-24712 Appointment Hour Booking – WordPress Booking Plugin < 1.3.17 - Authenticated Stored XSS — Appointment Hour Booking – WordPress Booking PluginCWE-79 5.4 -2021-10-11
CVE-2021-24711 Software License Manager < 4.5.1 - Arbitrary Domain Deletion via CSRF — Software License ManagerCWE-352 8.8 -2021-10-11

This page lists every published CVE security advisory associated with Unknown. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.