Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Unknown — Vulnerabilities & Security Advisories 4139

Browse all 4139 CVE security advisories affecting Unknown. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by Unknown:Contest GalleryDownload ManagerTutor LMS – eLearning and online course solutionEventONModern Events Calendar Litewp-eMemberAI ChatBotElementor Website BuilderNinja Forms Contact Form – The Drag and Drop Form Builder for WordPressWelcart e-CommerceLogo SliderForm Maker by 10WebBooster for WooCommerceYi Technologywp-cart-for-digital-productswp-affiliate-platformPhoto Gallery by 10WebMapPress Maps for WordPressEventPrimePopup boxWPQA BuilderWP MultiTaskingPhoto Gallery by 10Web – Mobile-Friendly Image GallerySalon booking systemSimple Download MonitorAutoptimizeVikBooking Hotel Booking Engine & PMSLearnPressNewsletter PopupNinja Forms
CVE IDTitleCVSSSeverityPublished
CVE-2022-1779 Auto Delete Posts <= 1.3.0 - Arbitrary Settings Update via CSRF — Auto Delete PostsCWE-352 6.5 -2022-06-13
CVE-2022-1777 Filr - Secure Document Library < 1.2.2.1 - Subscriber+ AJAX Calls — Filr – Secure document libraryCWE-862 8.3 -2022-06-13
CVE-2022-1773 WP Athletics <= 1.1.7 - Reflected Cross-Site Scripting — WP AthleticsCWE-79 6.1 -2022-06-13
CVE-2022-1772 Google Places Review < 2.0.0 - Admin+ Stored Cross Site Scripting — Google Places ReviewsCWE-79 6.9 -2022-06-13
CVE-2022-1765 Hot Linked Image Cacher <= 1.16 - Image upload/cache abuse via CSRF — Hot Linked Image CacherCWE-352 8.1 -2022-06-13
CVE-2022-1764 WP-chgFontSize <= 1.8 - Arbitrary Settings Update via CSRF to Stored XSS — WP-chgFontSizeCWE-352 4.1 -2022-06-13
CVE-2022-1763 Static Page eXtended <= 2.1 - Arbitrary Settings Update via CSRF to Stored XSS — Static Page eXtendedCWE-352 9.3 -2022-06-13
CVE-2022-1762 iQ Block Country < 1.2.20 - Protection Bypass due to IP Spoofing — iQ Block Country 5.3 -2022-06-13
CVE-2022-1761 Peter’s Collaboration E-mails <= 2.2.0 - Arbitrary Settings Update via CSRF — Peter’s Collaboration E-mailsCWE-352 6.5 -2022-06-13
CVE-2022-1759 RB Internal Links <= 2.0.16 - Stored Cross-Site Scripting via CSRF — RB Internal LinksCWE-352 5.4 -2022-06-13
CVE-2022-1758 Genki Pre-Publish Reminder <= 1.4.1 - Stored XSS & RCE via CSRF — Genki Pre-Publish ReminderCWE-352 8.8 -2022-06-13
CVE-2022-1756 Newsletter < 7.4.5 - Reflected Cross-Site Scripting — Newsletter – Send awesome emails from WordPressCWE-79 6.1 -2022-06-13
CVE-2022-1724 Simple Membership < 4.1.1 - Reflected Cross-Site Scripting — Simple MembershipCWE-79 6.1 -2022-06-13
CVE-2022-1710 Appointment Hour Booking < 1.3.56 - Admin+ Stored Cross-Site Scripting — Appointment Hour Booking – WordPress Booking PluginCWE-79 4.8 -2022-06-13
CVE-2022-1694 Useful Banner Manager <= 1.6.1 - Modify banners via CSRF — Useful Banner ManagerCWE-352 6.5 -2022-06-13
CVE-2022-1624 Latest Tweets Widget <= 1.1.4 - Arbitrary Settings Update via CSRF — Latest Tweets WidgetCWE-352 4.3 -2022-06-13
CVE-2022-1612 Webriti SMTP Mail <= 1.0 - Arbitrary Settings Update via CSRF — Webriti SMTP MailCWE-352 4.3 -2022-06-13
CVE-2022-1608 OnePress Social Locker <= 5.6.2 - Arbitrary Settings Update via CSRF — OnePress Social LockerCWE-352 4.3 -2022-06-13
CVE-2022-1605 Email Users <= 4.8.8 - Arbitrary Settings Update via CSRF — Email UsersCWE-352 6.5 -2022-06-13
CVE-2022-1604 MailerLite < 1.5.4 - Reflected Cross-Site Scripting — MailerLite – Signup forms (official)CWE-79 6.1 -2022-06-13
CVE-2022-1595 HC Custom WP-Admin URL <= 1.4 - Unauthenticated Secret URL Disclosure — HC Custom WP-Admin URLCWE-200 7.5 -2022-06-13
CVE-2022-1594 HC Custom WP-Admin URL <= 1.4 - Arbitrary Settings Update via CSRF — HC Custom WP-Admin URLCWE-352 4.3 -2022-06-13
CVE-2022-1549 WP Athletics <= 1.1.7 - Subscriber+ Stored Cross-Site Scripting — WP AthleticsCWE-79 5.4 -2022-06-13
CVE-2022-1532 Themify - WooCommerce Product Filter < 1.3.8 - Reflected Cross-Site Scripting — Themify – WooCommerce Product FilterCWE-79 6.1 -2022-06-13
CVE-2022-1412 Log WP_Mail <= 0.1 - Email Logs Publicly Accessible — Log WP_Mail 7.5 -2022-06-13
CVE-2022-1336 Carousel CK <= 1.1.0 - Admin+ Stored Cross-Site Scripting — Carousel CKCWE-79 4.8 -2022-06-13
CVE-2022-1335 Slideshow CK < 1.4.10 - Admin+ Stored Cross-Site Scripting — Slideshow CKCWE-79 4.8 -2022-06-13
CVE-2022-1202 WP-CRM <= 1.2.1 - CSV Injection — WP-CRM – Customer Relations Management for WordPressCWE-1236 7.8 -2022-06-13
CVE-2022-0885 Member Hero <= 1.0.9 - Unauthenticated RCE — Member Hero 9.8 -2022-06-13
CVE-2022-0863 WP SVG Icons <= 3.2.3 - Admin+ Remote Code Execution (RCE) — WP SVG IconsCWE-434 7.2 -2022-06-13

This page lists every published CVE security advisory associated with Unknown. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.