Unknown — Vulnerabilities & Security Advisories 4139

Browse all 4139 CVE security advisories affecting Unknown. AI-powered Chinese analysis, POCs, and references for each vulnerability.

CVE ID	Title	CVSS	Severity	Published
CVE-2023-5360	Royal Elementor Addons and Templates < 1.3.79 - Unauthenticated Arbitrary File Upload — Royal Elementor Addons and Templates	9.8	-	2023-10-31
CVE-2023-5798	Assistant < 1.4.4 - Editor+ SSRF — Assistant	8.1	-	2023-10-26
CVE-2023-4289	WP Matterport Shortcode < 2.1.8 - Contributor+ Stored XSS via shortcode — WP Matterport Shortcode	5.4	-	2023-10-16
CVE-2023-5089	Defender Security < 4.1.0 - Protection Bypass (Hidden Login Page) — Defender Security	6.1	-	2023-10-16
CVE-2023-4821	Drag and Drop Multiple File Upload < 1.1.1 - Unauthenticated Stored Cross-Site Scripting — Drag and Drop Multiple File Upload for WooCommerce	9.1	-	2023-10-16
CVE-2023-4933	WP Job Openings < 3.4.3 - Sensitive Data Exposure via Directory Listing — WP Job Openings	7.5	-	2023-10-16
CVE-2023-4820	PowerPress Podcasting < 11.0.12 - Contributor+ Stored XSS — PowerPress Podcasting plugin by Blubrry	8.9	-	2023-10-16
CVE-2023-4861	File Manager Pro < 1.8.1 - Admin+ Remote Code Execution — File Manager Pro	7.2	-	2023-10-16
CVE-2023-4725	Simple Posts Ticker < 1.1.6 - Admin+ Stored XSS — Simple Posts Ticker	4.8	-	2023-10-16
CVE-2023-4800	DoLogin Security < 3.7.1 - Subscriber+ IP Address leak — DoLogin Security	4.3	-	2023-10-16
CVE-2023-5133	User Activity Log Pro < 2.3.4 - IP Spoofing — user-activity-log-pro	7.5	-	2023-10-16
CVE-2023-3279	NextGEN Gallery < 3.39 - Admin+ Local File Inclusion — WordPress Gallery Plugin	4.9	-	2023-10-16
CVE-2023-4811	WordPress File Upload < 4.23.3 - Author+ Stored Cross-Site Scripting — WordPress File Upload	4.8	-	2023-10-16
CVE-2023-3706	ActivityPub for WordPress < 1.0.0 - Subscriber+ Arbitrary Post Title Disclosure — ActivityPub	4.3	-	2023-10-16
CVE-2023-3746	ActivityPub for WordPress < 1.0.1 - Contributor+ Stored XSS — ActivityPub	5.4	-	2023-10-16
CVE-2023-4646	Simple Posts Ticker < 1.1.6 - Contributor+ Stored XSS — Simple Posts Ticker	5.4	-	2023-10-16
CVE-2023-5057	ActivityPub for WordPress < 1.0.0 - Contributor+ Stored XSS — ActivityPub	5.4	-	2023-10-16
CVE-2023-3707	ActivityPub for WordPress < 1.0.0 - Subscriber+ Arbitrary Post Content Disclosure — ActivityPub	6.5	-	2023-10-16
CVE-2023-4666	Form-Maker < 1.15.20 - Unauthenticated Arbitrary File Upload — Form Maker by 10Web	9.8	-	2023-10-16
CVE-2023-4798	User Avatar - Reloaded < 1.2.2 - Contributor+ Stored XSS — User Avatar	5.4	-	2023-10-16
CVE-2023-5003	Active Directory Integration < 4.1.10 - Unauthenticated Log Disclosure — Active Directory Integration / LDAP Integration	7.5	-	2023-10-16
CVE-2023-3155	NextGEN Gallery < 3.39 - Admin+ Arbitrary File Read and Delete — WordPress Gallery Plugin	9.8	-	2023-10-16
CVE-2023-4805	Tutor LMS < 2.3.0 - Subscriber+ Stored Cross-Site Scripting — Tutor LMS	5.4	-	2023-10-16
CVE-2023-3154	NextGEN Gallery < 3.39 - Admin+ PHAR Deserialization — WordPress Gallery Plugin	9.8	-	2023-10-16
CVE-2023-4691	Bookly < 22.4 - Admin+ SQLi — WordPress Online Booking and Scheduling Plugin	7.2	-	2023-10-16
CVE-2023-4783	Magee Shortcodes <= 2.1.1 - Contributor+ Stored XSS via shortcode — Magee Shortcodes	5.4	-	2023-10-16
CVE-2023-4795	Testimonial Slider Shortcode < 1.1.9 - Contributor+ Stored XSS — Testimonial Slider Shortcode	5.4	-	2023-10-16
CVE-2023-4687	PageLayer < 1.7.7 - Unauthenticated Stored XSS — Page Builder: Pagelayer	5.3	-	2023-10-16
CVE-2023-4388	EventON < 2.2 - Admin+ Stored XSS — EventON	4.8	-	2023-10-16
CVE-2023-5167	User Activity Log Pro < 2.3.4 - Unauthenticated Stored Cross-Site Scripting via User Agent — user-activity-log-pro	5.4	-	2023-10-16

This page lists every published CVE security advisory associated with Unknown. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.

Goal Reached Thanks to every supporter — we hit 100%!

Unknown — Vulnerabilities & Security Advisories 4139