Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Unknown — Vulnerabilities & Security Advisories 4138

Browse all 4138 CVE security advisories affecting Unknown. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by Unknown:Contest GalleryDownload ManagerTutor LMS – eLearning and online course solutionEventONModern Events Calendar Litewp-eMemberAI ChatBotElementor Website BuilderNinja Forms Contact Form – The Drag and Drop Form Builder for WordPressWelcart e-CommerceLogo SliderForm Maker by 10WebBooster for WooCommerceYi Technologywp-cart-for-digital-productswp-affiliate-platformPhoto Gallery by 10WebMapPress Maps for WordPressEventPrimePopup boxWPQA BuilderWP MultiTaskingPhoto Gallery by 10Web – Mobile-Friendly Image GallerySalon booking systemSimple Download MonitorAutoptimizeVikBooking Hotel Booking Engine & PMSLearnPressNewsletter PopupNinja Forms
CVE IDTitleCVSSSeverityPublished
CVE-2021-24591 Highlight < 0.9.3 - Authenticated Stored Cross-Site Scripting — HighlightCWE-79 4.8 -2021-09-06
CVE-2021-24590 Cookie Notice & Consent Banner for GDPR & CCPA Compliance < 1.7.2 - Authenticated Stored XSS — Cookie Notice & Consent Banner for GDPR & CCPA ComplianceCWE-79 5.4 -2021-09-06
CVE-2021-24588 SMS Alert Order Notifications – WooCommerce < 3.4.7 Authenticated Cross Site Scripting — SMS Alert Order Notifications – WooCommerceCWE-79 6.1 -2021-09-06
CVE-2021-24568 AddToAny < 1.7.46 - Authenticated Stored XSS — AddToAny Share ButtonsCWE-79 4.8 -2021-09-06
CVE-2021-24517 Stop Spammers Security < 2021.18 - Authenticated Stored XSS — Stop Spammers Security | Block Spam Users, Comments, FormsCWE-79 4.8 -2021-09-06
CVE-2021-24513 Form Builder < 1.9.8.4 - Authenticated Stored Cross-Site Scripting — Form Builder | Create Responsive Contact FormsCWE-79 4.8 -2021-09-06
CVE-2021-24435 Titan Framework <= 1.12.1 - Reflected Cross-Site Scripting (XSS) — Titan FrameworkCWE-79 6.1 -2021-09-06
CVE-2021-24395 Embed Youtube Video <= 1.0 - Authenticated SQL Injection — Embed Youtube VideoCWE-89 7.2 -2021-09-06
CVE-2021-24393 Comment Highlighter <= 0.13 - Authenticated SQL Injection — Comment HighlighterCWE-89 7.2 -2021-09-06
CVE-2021-24394 Easy Testimonial Manager <= 1.2.0 - Authenticated SQL Injection — Easy Testimonial ManagerCWE-89 7.2 -2021-09-06
CVE-2021-24392 WordPress Membership SwiftCloud.io <= 1.0 - Authenticated SQL Injection — WordPress Membership SwiftCloud.ioCWE-89 7.2 -2021-09-06
CVE-2021-24391 Cashtomer <= 1.0.0 - Authenticated SQL Injection — CashtomerCWE-89 7.2 -2021-09-06
CVE-2021-24390 Alipay <= 3.7.2 - Authenticated SQL Injection — WordPress支付宝Alipay|财付通Tenpay|贝宝PayPal集成插件CWE-89 7.2 -2021-09-06
CVE-2021-24303 JiangQie Official Website Mini Program < 1.1.1 - Authenticated SQL Injection — JiangQie Official Website Mini ProgramCWE-89 7.2 -2021-09-06
CVE-2021-24667 Gallery Blocks with Lightbox < 2.2.1- Authenticated Stored Cross-Site Scripting — Gallery Blocks with Lightbox. Image Gallery, (HTML5 video , YouTube, Vimeo) Video Gallery and Lightbox for native galleryCWE-79 5.4 -2021-08-30
CVE-2021-24665 WP Video Lightbox < 1.9.3 - Contributor+ Stored Cross-Site Scripting — WP Video LightboxCWE-79 5.4 -2021-08-30
CVE-2021-24593 Business Hours Indicator < 2.3.5 - Authenticated Stored XSS — Business Hours IndicatorCWE-79 5.4 -2021-08-30
CVE-2021-24592 Sitewide Notice WP < 2.3 - Authenticated Stored XSS — Sitewide Notice WPCWE-79 4.8 -2021-08-30
CVE-2021-24581 Blue Admin <= 21.06.01 - CSRF to Stored Cross-Site Scripting (XSS) — Blue AdminCWE-352 8.2 -2021-08-30
CVE-2021-24580 Side Menu Lite < 2.2.6 - Authenticated SQL Injection — Side Menu Lite - add sticky fixed buttonsCWE-89 7.2 -2021-08-30
CVE-2021-24579 Bold Page Builder < 3.1.6 - PHP Object Injection — Bold Page BuilderCWE-502 8.8 -2021-08-30
CVE-2021-24528 FluentSMTP < 2.0.1 - Authenticated Stored XSS — FluentSMTP – WordPress Mail SMTP, SES, SendGrid, Mailgun and Any SMTP PluginCWE-79 5.4 -2021-08-30
CVE-2021-24438 ShareThis Dashboard for Google Analytics < 2.5.2 - Reflected Cross-Site Scripting (XSS) — ShareThis Dashboard for Google AnalyticsCWE-79 6.1 -2021-08-30
CVE-2021-24437 Favicon by RealFaviconGenerator <= 1.3.20 - Reflected Cross-Site Scripting (XSS) — Favicon by RealFaviconGeneratorCWE-79 6.1 -2021-08-30
CVE-2021-24602 HM Multiple Roles < 1.3 - Arbitrary Role Change — HM Multiple RolesCWE-269 8.8 -2021-08-23
CVE-2021-24574 Simple Banner < 2.10.4 - Authenticated Stored XSS — Simple BannerCWE-79 4.8 -2021-08-23
CVE-2021-24571 HD Quiz < 1.8.4 - Authenticated Stored XSS — HD QuizCWE-79 5.4 -2021-08-23
CVE-2021-24565 Contact Form 7 Captcha < 0.0.9 - CSRF to Stored XSS — Contact Form 7 CaptchaCWE-79 7.1 -2021-08-23
CVE-2021-24564 WPFront Scroll Top < 2.0.6.07225 - Authenticated Stored XSS — WPFront Scroll TopCWE-79 5.4 -2021-08-23
CVE-2021-24562 LifterLMS < 4.21.2 - Access Other Student Grades/Answers via IDOR — LMS by LifterLMS – Online Course, Membership & Learning Management System Plugin for WordPressCWE-639 7.5 -2021-08-23

This page lists every published CVE security advisory associated with Unknown. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.