Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Unknown — Vulnerabilities & Security Advisories 4138

Browse all 4138 CVE security advisories affecting Unknown. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by Unknown:Contest GalleryDownload ManagerTutor LMS – eLearning and online course solutionEventONModern Events Calendar Litewp-eMemberAI ChatBotElementor Website BuilderNinja Forms Contact Form – The Drag and Drop Form Builder for WordPressWelcart e-CommerceLogo SliderForm Maker by 10WebBooster for WooCommerceYi Technologywp-cart-for-digital-productswp-affiliate-platformPhoto Gallery by 10WebMapPress Maps for WordPressEventPrimePopup boxWPQA BuilderWP MultiTaskingPhoto Gallery by 10Web – Mobile-Friendly Image GallerySalon booking systemSimple Download MonitorAutoptimizeVikBooking Hotel Booking Engine & PMSLearnPressNewsletter PopupNinja Forms
CVE IDTitleCVSSSeverityPublished
CVE-2024-2908 Call Now Button < 1.4.7 - Admin+ Stored XSS — Call Now Button 4.8AIMediumAI2024-04-26
CVE-2024-2603 Salon booking system <= 9.6.5 - Editor+ Stored XSS via Email Settings — Salon booking system 4.8AIMediumAI2024-04-26
CVE-2024-2429 Salon booking system <= 9.6.5 - Settings Update via CSRF — Salon booking system 4.3AIMediumAI2024-04-26
CVE-2024-2439 Salon booking system <= 9.6.5 - Editor+ Stored XSS — Salon booking system 4.8AIMediumAI2024-04-26
CVE-2024-2837 WP Chat App < 3.6.4 - Admin+ Stored XSS — WP Chat App 4.8AIMediumAI2024-04-26
CVE-2024-2310 WP Google Review Slider < 13.6 - Admin+ Stored XSS — WP Google Review Slider 4.8AIMediumAI2024-04-26
CVE-2024-0905 Fancy Product Designer < 6.1.8 - Reflected Cross Site Scripting — Fancy Product Designer 6.1AIMediumAI2024-04-26
CVE-2024-2159 Sassy Social Share < 3.3.61 - Contributor+ Stored XSS — Social Sharing Plugin 5.4AIMediumAI2024-04-26
CVE-2024-3265 WP Advanced Search <= 1.1.6 - Admin+ SQL Injection — Advanced Search 7.2AIHighAI2024-04-25
CVE-2024-2907 AGCA – Custom Dashboard & Login Page < 7.2.2 - Admin+ Stored XSS via Image URL — AGCA 4.8AIMediumAI2024-04-25
CVE-2024-3261 Strong Testimonials < 3.1.12 - Contributor+ Stored XSS — Strong Testimonials 5.4 -2024-04-24
CVE-2024-2404 Better Comments < 1.5.6 - Subscriber+ Stored XSS — Better Comments 5.4 -2024-04-24
CVE-2024-2402 Better Comments < 1.5.6 - Admin+ Stored XSS — Better Comments 4.8 -2024-04-24
CVE-2024-2972 Floating Chat Widget < 3.1.9 - Editor+ Stored XSS — Floating Chat Widget: Contact Chat Icons, WhatsApp, Telegram Chat, Line Messenger, WeChat, Email, SMS, Call Button 4.8 -2024-04-24
CVE-2023-7253 Import WP < 2.13.1 - Admin+ Server-side Request Forgery — Import WP 4.9 -2024-04-24
CVE-2024-1756 WooCommerce Customers Manager < 29.8 - Subscriber+ Email Disclosure — WooCommerce Customers Manager 4.3 -2024-04-24
CVE-2024-1743 WooCommerce Customers Manager < 29.8 - Reflected XSS — WooCommerce Customers Manager 6.1 -2024-04-24
CVE-2023-7252 Tickera < 3.5.2.5 - Ticket leakage through IDOR — Tickera 4.3 -2024-04-22
CVE-2024-2761 Genesis Blocks < 3.1.3 - Contributor+ Stored XSS — Genesis Blocks 5.4 -2024-04-19
CVE-2024-2729 Otter Blocks < 2.6.6 - Contributor+ Stored XSS — Otter Blocks 5.4 -2024-04-18
CVE-2024-2101 WordPress Plugin Salon Booking System < 9.6.3 - Unauthenticated Stored Cross-Site Scripting (XSS) — Salon booking system 5.4AIMediumAI2024-04-17
CVE-2024-2102 Salon booking system < 9.6.3 - Unauthenticated Stored XSS — Salon booking system 5.4AIMediumAI2024-04-17
CVE-2024-2118 Social Media Share Buttons < 2.8.9 - Admin+ Stored XSS via settings — Social Media Share Buttons & Social Sharing Icons 4.8AIMediumAI2024-04-17
CVE-2024-2309 WP Staging < 3.4.0, 5.4.0 (Pro Version) - Admin+ Stored XSS — WP STAGING WordPress Backup Plugin 4.8AIMediumAI2024-04-17
CVE-2024-1219 Easy Social Feed < 6.5.6 - Contributor+ Stored XSS — Easy Social Feed 5.4AIMediumAI2024-04-17
CVE-2024-0868 coreActivity < 2.1 - Unauthenticated IP Spoofing — coreActivity: Activity Logging plugin for WordPress 7.5AIHighAI2024-04-17
CVE-2024-2858 Simple Buttons Creator <= 1.04 - Aribtrary Button Deletion via CSRF — Simple Buttons Creator 8.1AIHighAI2024-04-15
CVE-2024-2739 Advance Search <= 1.1.6 - Shortcode Deletion via CSRF — Advanced Search 8.1AIHighAI2024-04-15
CVE-2024-2857 Simple Buttons Creator <= 1.04 - Unauthenticated Stored XSS — Simple Buttons Creator 6.1AIMediumAI2024-04-15
CVE-2024-2836 Super Socializer < 7.13.64 - Editor+ Stored XSS — Social Share, Social Login and Social Comments Plugin 4.8AIMediumAI2024-04-15

This page lists every published CVE security advisory associated with Unknown. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.