Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Unknown — Vulnerabilities & Security Advisories 4139

Browse all 4139 CVE security advisories affecting Unknown. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by Unknown:Contest GalleryDownload ManagerTutor LMS – eLearning and online course solutionEventONModern Events Calendar Litewp-eMemberAI ChatBotElementor Website BuilderNinja Forms Contact Form – The Drag and Drop Form Builder for WordPressWelcart e-CommerceLogo SliderForm Maker by 10WebBooster for WooCommerceYi Technologywp-cart-for-digital-productswp-affiliate-platformPhoto Gallery by 10WebMapPress Maps for WordPressEventPrimePopup boxWPQA BuilderWP MultiTaskingPhoto Gallery by 10Web – Mobile-Friendly Image GallerySalon booking systemSimple Download MonitorAutoptimizeVikBooking Hotel Booking Engine & PMSLearnPressNewsletter PopupNinja Forms
CVE IDTitleCVSSSeverityPublished
CVE-2023-4776 WPSchoolPress < 2.2.5 - Teacher+ SQLi — School Management System 8.8 -2023-10-16
CVE-2023-4643 Enable Media Replace < 4.1.3 - Author+ PHP Object Injection — Enable Media Replace 8.8 -2023-10-16
CVE-2023-4950 Funnelforms Free < 3.4 Unauthenticated Stored Cross-Site Scripting — Interactive Contact Form and Multi Step Form Builder with Drag & Drop Editor 6.1 -2023-10-16
CVE-2023-5087 PageLayer < 1.7.8 - Author+ Stored XSS — Page Builder: Pagelayer 5.4 -2023-10-16
CVE-2023-4862 File Manager Pro < 1.8.1 - Admin+ Stored Cross-Site Scripting — File Manager Pro 4.8 -2023-10-16
CVE-2023-4819 Shared Files < 1.7.6 - Unauthenticated Stored Cross-Site Scripting — Shared Files 8.1 -2023-10-16
CVE-2023-5177 Vrm 360 3D Model Viewer <= 1.2.1 - Full Path Disclosure — Vrm 360 3D Model Viewer 5.3 -2023-10-16
CVE-2023-4971 Weaver Xtreme Theme Support < 6.3.1 - Admin+ PHP Object Injection — Weaver Xtreme Theme Support 7.2 -2023-10-16
CVE-2023-4290 WP Matterport Shortcode < 2.1.7 - Reflected XSS — WP Matterport Shortcode 6.1 -2023-10-16
CVE-2023-4620 Booking Calendar < 9.7.3.1 - Unauthenticated Stored XSS — Booking Calendar 5.4 -2023-10-16
CVE-2023-3392 Read More & Accordion < 3.2.7 - Admin+ PHP Object Injection — Read More & Accordion 7.2 -2023-10-16
CVE-2023-4827 File Manager Pro < 1.8 - Remote Code Execution via CSRF — File Manager Pro 8.1 -2023-10-16
CVE-2023-4476 Locatoraid Store Locator < 3.9.24 - Reflected XSS — Locatoraid Store Locator 6.1 -2023-09-25
CVE-2023-4549 DoLogin Security < 3.7 - Unauthenticated Stored Cross-Site Scripting — DoLogin Security 6.1 -2023-09-25
CVE-2023-3664 FileOrganizer <= 1.0.2 - Admin+ Arbitrary File Access — FileOrganizer 7.2 -2023-09-25
CVE-2023-3547 All in One B2B for WooCommerce <= 1.0.3 - Multiple CSRF — All in One B2B for WooCommerce 8.8 -2023-09-25
CVE-2023-4148 Ditty < 3.1.25 - Reflected XSS — Ditty 6.1 -2023-09-25
CVE-2023-4502 Translate WordPress with GTranslate < 3.0.4 - Admin+ Stored XSS — Translate WordPress with GTranslate 4.8 -2023-09-25
CVE-2023-4521 Import XML and RSS Feeds < 2.1.5 - Unauthenticated RCE — Import XML and RSS Feeds 9.8 -2023-09-25
CVE-2023-4631 DoLogin Security < 3.7 - IP Spoofing — DoLogin Security 5.3 -2023-09-25
CVE-2023-4281 Activity Log < 2.8.8 - IP Spoofing — Activity Log 7.5 -2023-09-25
CVE-2023-4238 Prevent files / folders access < 2.5.2 - Admin+ Arbitrary File Upload — Prevent files / folders access 9.8 -2023-09-25
CVE-2023-4490 WP Job Portal < 2.0.6 - Unauthenticated SQLi — WP Job Portal 9.8 -2023-09-25
CVE-2023-4300 Import XML and RSS Feeds < 2.1.4 - Admin+ Arbitrary File Upload — Import XML and RSS Feeds 9.8 -2023-09-25
CVE-2023-3226 Popup Builder < 4.2.0 - Admin+ Stored Cross-Site Scripting — Popup Builder 4.8 -2023-09-25
CVE-2023-2995 Leyka < 3.30.4 - Admin+ Stored XSS — Leyka 4.8 -2023-09-19
CVE-2023-4376 Serial Codes Generator and Validator with WooCommerce Support < 2.4.15 - Admin+ Stored XSS — Serial Codes Generator and Validator with WooCommerce Support 4.8 -2023-09-19
CVE-2023-4294 URL Shortify < 1.7.6 - Unauthenticated Stored XSS via referer header — URL Shortify 6.1 -2023-09-11
CVE-2023-4278 MasterStudy LMS < 3.0.18 - Unauthenticated Instructor Account Creation — MasterStudy LMS WordPress Plugin 7.5 -2023-09-11
CVE-2023-3170 tagDiv Composer < 4.2 - Admin+ Stored XSS — tagDiv Composer 4.8 -2023-09-11

This page lists every published CVE security advisory associated with Unknown. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.