Unknown — Vulnerabilities & Security Advisories 4138

Browse all 4138 CVE security advisories affecting Unknown. AI-powered Chinese analysis, POCs, and references for each vulnerability.

CVE ID	Title	CVSS	Severity	Published
CVE-2021-24610	TranslatePress < 2.0.9 - Authenticated Stored Cross-Site Scripting — Translate Multilingual sites – TranslatePressCWE-79	5.4	-	2021-09-27
CVE-2021-24569	Cookie Notice & Compliance for GDPR / CCPA < 2.1.2 - Admin+ Stored Cross-Site Scripting — Cookie Notice & Compliance for GDPR / CCPACWE-79	4.8	-	2021-09-27
CVE-2021-24741	Support Board < 3.3.4 - Multiple Unauthenticated SQL Injections — Support BoardCWE-89	9.8	-	2021-09-20
CVE-2021-24663	Simple School Staff Directory <= 1.1 - Admin+ Arbitrary File Upload — Simple Schools Staff DirectoryCWE-434	7.2	-	2021-09-20
CVE-2021-24657	Limit Login Attempts < 4.0.50 - Unauthenticated Stored Cross-Site Scripting — Limit Login AttemptsCWE-79	6.1	-	2021-09-20
CVE-2021-24640	Gutenslider < 5.2.0 - Contributor+ Stored XSS — WordPress Slider Block GutensliderCWE-79	5.4	-	2021-09-20
CVE-2021-24639	OMGF < 4.5.4 - Subscriber+ Arbitrary File/Folder Deletion — OMGF \| Host Google Fonts LocallyCWE-862	8.1	-	2021-09-20
CVE-2021-24638	OMGF < 4.5.4 - Unauthenticated Path Traversal in REST API — OMGF \| Host Google Fonts LocallyCWE-22	9.1	-	2021-09-20
CVE-2021-24637	Fonts Plugin < 3.0.3 - Contributor+ Stored Cross-Site Scripting — Fonts Plugin \| Google Fonts TypographyCWE-79	5.4	-	2021-09-20
CVE-2021-24636	Print My Blog < 3.4.2 - Plugin Deactivation via CSRF — Print My Blog – Print, PDF, & eBook Converter WordPress PluginCWE-352	8.1	-	2021-09-20
CVE-2021-24635	Visual Link Preview < 2.2.3 - Unauthorised AJAX Calls — Visual Link PreviewCWE-284	5.4	-	2021-09-20
CVE-2021-24618	Donate With QRCode < 1.4.5 - Stored Cross-Site Scripting — Donate With QRCodeCWE-79	5.4	-	2021-09-20
CVE-2021-24613	Post Views Counter < 1.3.5 - Authenticated Stored XSS — Post Views CounterCWE-79	4.8	-	2021-09-20
CVE-2021-24609	WP Mapa Politico Espana < 3.7.0- Authenticated Stored XSS — WP Mapa Politico EspañaCWE-79	4.8	-	2021-09-20
CVE-2021-24606	Availability Calendar < 1.2.1 - Authenticated SQL Injection — Availability CalendarCWE-89	8.8	-	2021-09-20
CVE-2021-24604	Availability Calendar < 1.2.2 - Authenticated Stored Cross-Site Scripting — Availability CalendarCWE-79	4.8	-	2021-09-20
CVE-2021-24600	WP Dialog <= 1.2.5.5 - Authenticated Stored Cross-Site Scripting — WP DialogCWE-79	4.8	-	2021-09-20
CVE-2021-24597	You Shang <= 1.0.1 - Authenticated Stored Cross-Site Scripting — 有赏 You ShangCWE-79	5.4	-	2021-09-20
CVE-2021-24596	youForms for WordPress <= 1.0.5 - Authenticated Stored Cross-Site Scripting — youForms for WordPress – Creating Forms for CopeCartCWE-79	4.8	-	2021-09-20
CVE-2021-24587	Splash Header < 1.20.8 - Authenticated Stored Cross-Site Scripting (XSS) — Splash HeaderCWE-79	5.4	-	2021-09-20
CVE-2021-24585	Timetable and Event Schedule by MotoPress < 2.4.0 - Arbitrary User's Hashed Password/Email/Username Disclosure — Timetable and Event Schedule by MotoPressCWE-200	6.5	-	2021-09-20
CVE-2021-24584	Timetable and Event Schedule by MotoPress < 2.4.2 - Unauthorised Event TimeSlot Update — Timetable and Event Schedule by MotoPressCWE-352	5.4	-	2021-09-20
CVE-2021-24583	Timetable and Event Schedule by MotoPress < 2.4.2 - Unauthorised Event TimeSlot Deletion — Timetable and Event Schedule by MotoPressCWE-284	3.5	-	2021-09-20
CVE-2021-24582	ThinkTwit < 1.7.1 - Authenticated Stored Cross-Site Scripting (XSS) — ThinkTwitCWE-79	5.4	-	2021-09-20
CVE-2021-24530	Alojapro Widget <= 1.1.15 - Authenticated Stored Cross-Site Scripting (XSS) — Alojapro WidgetCWE-79	4.8	-	2021-09-20
CVE-2021-24525	Shortcodes Ultimate < 5.10.2 - Contributor+ Stored XSS — WordPress Shortcodes Plugin — Shortcodes UltimateCWE-79	5.4	-	2021-09-20
CVE-2021-24511	Create WooCommerce Product Feeds For 40+ Merchants < 3.3.1.0 - Authenticated SQL Injection — Product Feed on WooCommerce for Google, Awin, Shareasale, Bing, and MoreCWE-89	7.2	-	2021-09-20
CVE-2021-24404	WP-Board <= 1.1 (beta) - Unauthenticated SQL Injection — WP-BoardCWE-89	7.2	-	2021-09-20
CVE-2021-24403	WordPress Page Contact <= 1.0 - Authenticated (editor+) SQL Injection — WordPress Page ContactCWE-89	7.2	-	2021-09-20
CVE-2021-24402	WP iCommerce <= 1.1.1 - Authenticated (contributor+) SQL Injection — WP iCommerce – the first interactive ecommerce for wordpressCWE-89	7.2	-	2021-09-20

This page lists every published CVE security advisory associated with Unknown. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.

Goal Reached Thanks to every supporter — we hit 100%!

Unknown — Vulnerabilities & Security Advisories 4138