Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Unknown — Vulnerabilities & Security Advisories 4138

Browse all 4138 CVE security advisories affecting Unknown. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by Unknown:Contest GalleryDownload ManagerTutor LMS – eLearning and online course solutionEventONModern Events Calendar Litewp-eMemberAI ChatBotElementor Website BuilderNinja Forms Contact Form – The Drag and Drop Form Builder for WordPressWelcart e-CommerceLogo SliderForm Maker by 10WebBooster for WooCommerceYi Technologywp-cart-for-digital-productswp-affiliate-platformPhoto Gallery by 10WebMapPress Maps for WordPressEventPrimePopup boxWPQA BuilderWP MultiTaskingPhoto Gallery by 10Web – Mobile-Friendly Image GallerySalon booking systemSimple Download MonitorAutoptimizeVikBooking Hotel Booking Engine & PMSLearnPressNewsletter PopupNinja Forms
CVE IDTitleCVSSSeverityPublished
CVE-2021-24401 WP Domain Redirect <= 1.0 - Authenticated SQL Injection — WP Domain RedirectCWE-89 7.2 -2021-09-20
CVE-2021-24400 Display users <= 2.0.0 - Authenticated SQL Injection — Display UsersCWE-89 7.2 -2021-09-20
CVE-2021-24399 The Sorter <= 1.0 - Authenticated SQL Injection — The SorterCWE-89 7.2 -2021-09-20
CVE-2021-24398 Responsive 3D Slider <= 1.2 - Authenticated SQL Injection — RESPONSIVE 3D SLIDERCWE-89 7.2 -2021-09-20
CVE-2021-24397 MicroCopy <= 1.1.0 - Authenticated SQL Injection — MicroCopyCWE-89 7.2 -2021-09-20
CVE-2021-24396 GSEOR <= 1.3 - Authenticated SQL Injection — GSEOR – WordPress SEO PluginCWE-89 7.2 -2021-09-20
CVE-2021-24728 Paid Member Subscriptions < 2.4.2 - Authenticated SQL Injection — Membership & Content Restriction – Paid Member SubscriptionsCWE-89 8.8 -2021-09-13
CVE-2021-24727 Block and Stop Bad Bots < 6.60 - Authenticated SQL Injections — WP Block and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection Plugin StopBadBotsCWE-89 8.8 -2021-09-13
CVE-2021-24726 WP Simple Booking Calendar <= 2.0.6 (before 07/12/2021) - Authenticated SQL Injection — WP Simple Booking CalendarCWE-89 7.2 -2021-09-13
CVE-2021-24725 Comment Link Remove and Other Comment Tools < 2.1.6 - Arbitrary Comment Deletion via CSRF — Comment Link Remove and Other Comment ToolsCWE-352 6.5 -2021-09-13
CVE-2021-24724 Timetable and Event Schedule by MotoPress < 2.3.19 - Author+ Stored Cross-Site Scripting — Timetable and Event Schedule by MotoPressCWE-79 5.4 -2021-09-13
CVE-2021-24623 WordPress Advanced Ticket System < 1.0.64 - Authenticated Stored Cross-Site Scripting (XSS) — WordPress Advanced Ticket System, Elite Support HelpdeskCWE-79 4.8 -2021-09-13
CVE-2021-24621 WP Courses LMS < 2.0.44 - Authenticated Stored XSS via Video Embed Code — WP Courses LMSCWE-79 6.9 -2021-09-13
CVE-2021-24620 Simple eCommerce <= 2.2.5 - Arbitrary File Upload — WordPress Simple Ecommerce Shopping Cart Plugin- Sell products through PaypalCWE-434 9.8 -2021-09-13
CVE-2021-24619 Per Page Add to Head <= 1.4.4 - Authenticated Stored XSS — Per page add to headCWE-79 4.8 -2021-09-13
CVE-2021-24614 Book appointment Online < 1.39 - Authenticated Stored Cross-Site Scripting (XSS) — Book appointment onlineCWE-79 4.8 -2021-09-13
CVE-2021-24605 Custom Post View Generator <= 0.4.6 - Reflected Cross-Site Scripting — Custom Post View GeneratorCWE-79 5.4 -2021-09-13
CVE-2021-24586 Per Page Add to Head < 1.4.4 - CSRF to Stored XSS — Per page add to headCWE-352 4.6 -2021-09-13
CVE-2021-24560 Software License Manager < 4.4.8 - Reflected Cross-Site Scripting — Software License ManagerCWE-79 6.1 -2021-09-13
CVE-2021-24523 Daily Prayer Time < 2021.08.10 - Authenticated Stored XSS — Daily Prayer TimeCWE-79 5.4 -2021-09-13
CVE-2021-24510 MF Gig Calendar < 1.2 - Reflected Cross-Site Scripting (XSS) — MF Gig Calendar 6.1 -2021-09-13
CVE-2021-24508 Smash Balloon Social Post Feed < 2.19.2 - Unauthenticated Stored XSS — Smash Balloon Social Post FeedCWE-79 6.1 -2021-09-13
CVE-2021-24493 Shopp eCommerce <= 1.4 - Unauthenticated Arbitrary File Upload — ShoppCWE-434 9.8 -2021-09-13
CVE-2021-24491 Fileviewer <= 2.2 - Arbitrary File Upload/Deletion via CSRF — FileviewerCWE-352 8.8 -2021-09-13
CVE-2021-24490 Email Artillery <= 4.1 - Arbitrary File Upload — Email Artillery (MASS EMAIL)CWE-434 8.0 -2021-09-13
CVE-2021-24431 Language Bar Flags <= 1.0.8 - CSRF to Stored XSS — Language Bar FlagsCWE-79 5.4 -2021-09-13
CVE-2021-24611 Keywords & Meta <= 3.0 - CSRF to Stored Cross-Site Scripting (XSS) — Keyword MetaCWE-352 6.1 -2021-09-06
CVE-2021-24603 Site Reviews < 5.13.1 - Authenticated Stored XSS — Site ReviewsCWE-79 5.4 -2021-09-06
CVE-2021-24601 WPFront Notification Bar < 2.1.0.08087 - Authenticated Stored XSS — WPFront Notification BarCWE-79 4.8 -2021-09-06
CVE-2021-24599 Email Encoder < 2.1.2 - Reflected Cross Site Scripting — Email Encoder – Protect Email AddressesCWE-79 4.7 -2021-09-06

This page lists every published CVE security advisory associated with Unknown. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.