Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Unknown — Vulnerabilities & Security Advisories 4139

Browse all 4139 CVE security advisories affecting Unknown. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by Unknown:Contest GalleryDownload ManagerTutor LMS – eLearning and online course solutionEventONModern Events Calendar Litewp-eMemberAI ChatBotElementor Website BuilderNinja Forms Contact Form – The Drag and Drop Form Builder for WordPressWelcart e-CommerceLogo SliderForm Maker by 10WebBooster for WooCommerceYi Technologywp-cart-for-digital-productswp-affiliate-platformPhoto Gallery by 10WebMapPress Maps for WordPressEventPrimePopup boxWPQA BuilderWP MultiTaskingPhoto Gallery by 10Web – Mobile-Friendly Image GallerySalon booking systemSimple Download MonitorAutoptimizeVikBooking Hotel Booking Engine & PMSLearnPressNewsletter PopupNinja Forms
CVE IDTitleCVSSSeverityPublished
CVE-2023-0733 Newsletter Popup <= 1.2 - Unauthenticated Stored XSS — Newsletter Popup 6.1 -2023-05-30
CVE-2023-1524 Download Manager < 3.2.71 - Broken Access Controls — Download Manager 6.5 -2023-05-30
CVE-2023-2470 Add to Feedly <= 1.2.11 - Admin+ Stored XSS — Add to Feedly 4.8 -2023-05-30
CVE-2023-2256 Product Addons & Fields for WooCommerce < 32.0.7 - Reflected Cross-Site Scripting — Product Addons & Fields for WooCommerce 6.1 -2023-05-30
CVE-2023-2713 IDOR vulnerability in "Rental Module" developed by third-party for Ideasoft's E-commerce Platform. — Rental ModuleCWE-639 9.8 Critical2023-05-20
CVE-2023-2712 Malicious File Upload vulnerability in "Rental Module" developed by third-party for Ideasoft's E-commerce Platform. — Rental ModuleCWE-434 9.8 Critical2023-05-20
CVE-2023-0233 ActiveCampaign < 8.1.12 - Contributor+ Stored XSS — ActiveCampaign 5.4 -2023-05-15
CVE-2023-1839 Product Addons & Fields for WooCommerce < 32.0.6 - Admin+ Stored Cross-Site Scripting — Product Addons & Fields for WooCommerce 4.8 -2023-05-15
CVE-2023-1835 Ninja Forms < 3.6.22 - Reflected XSS — Ninja Forms Contact Form 6.1 -2023-05-15
CVE-2022-4774 Bit Form < 1.9 - RCE via Unauthenticated Arbitrary File Upload — Bit Form 9.8 -2023-05-15
CVE-2023-0761 Clock In Portal <= 2.1 - Staff Deletion via CSRF — Clock In Portal- Staff & Attendance Management 4.3 -2023-05-15
CVE-2023-1019 Help Desk WP <= 1.2.0 - Editor+ Stored XSS — Help Desk WP 5.4 -2023-05-15
CVE-2023-2009 Pretty Url <= 1.5.4 - Admin+ Stored XSS in plugin settings — Pretty Url 4.8 -2023-05-15
CVE-2023-1890 Tablesome < 1.0.9 - Reflected XSS — Tablesome 6.1 -2023-05-15
CVE-2023-0644 PushAssist <= 3.0.8 - Reflected Cross-Site Scripting — Push Notifications for WordPress by PushAssist 6.1 -2023-05-15
CVE-2023-0490 f(x) TOC <= 1.1.0 - Contributor+ Stored XSS — f(x) TOC 5.4 -2023-05-15
CVE-2023-0812 Active Directory Integration / LDAP Integration < 4.1.1 - Unauthenticated Data Disclosure — Active Directory Integration / LDAP Integration 7.5 -2023-05-15
CVE-2023-0520 RapidExpCart <= 1.0 - Stored XSS via CSRF — RapidExpCart 6.1 -2023-05-15
CVE-2023-0763 Clock In Portal <= 2.1 - Holidays Deletion via CSRF — Clock In Portal- Staff & Attendance Management 4.3 -2023-05-15
CVE-2023-1596 tagDiv Composer < 4.0 - Reflected Cross-site Scripting — tagDiv Composer 6.1 -2023-05-15
CVE-2023-2179 WooCommerce Order Status Change Notifier <= 1.1.0 - Subscriber+ Arbitrary Order Status Update — WooCommerce Order Status Change Notifier 4.3 -2023-05-15
CVE-2023-2180 KIWIZ Invoices Certification & PDF System <= 2.1.3 - Unauthenticated Arbitrary File Download — KIWIZ Invoices Certification & PDF System 9.8 -2023-05-15
CVE-2023-0892 BizLibrary <= 1.1 - Admin+ Stored XSS — BizLibrary 4.8 -2023-05-15
CVE-2023-0762 Clock In Portal <= 2.1 - Designation Deletion via CSRF — Clock In Portal- Staff & Attendance Management 6.5 -2023-05-15
CVE-2023-1915 Thumbnail carousel slider < 1.1.10 - Reflected XSS — Thumbnail carousel slider 6.1 -2023-05-15
CVE-2023-0600 WP Visitor Statistics (Real Time Traffic) < 6.9 - Unauthenticated SQLi — WP Visitor Statistics (Real Time Traffic) 9.8 -2023-05-15
CVE-2023-1549 Ad Inserter < 2.7.27 - Admin+ PHP Object Injection — Ad Inserter 7.2 -2023-05-15
CVE-2023-1207 HTTP Headers < 1.18.8 - Admin+ SQL Injection — HTTP Headers 9.8 -2023-05-15
CVE-2023-0268 Mega Addons For WPBakery Page Builder < 4.3.0 - Contributor+ Stored XSS — Mega Addons For WPBakery Page Builder 5.4 -2023-05-08
CVE-2023-0526 Post Shortcode <= 2.0.9 - Contributor+ Stored Cross-Site Scripting — Post Shortcode 5.4 -2023-05-08

This page lists every published CVE security advisory associated with Unknown. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.