Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Unknown — Vulnerabilities & Security Advisories 4138

Browse all 4138 CVE security advisories affecting Unknown. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by Unknown:Contest GalleryDownload ManagerTutor LMS – eLearning and online course solutionEventONModern Events Calendar Litewp-eMemberAI ChatBotElementor Website BuilderNinja Forms Contact Form – The Drag and Drop Form Builder for WordPressWelcart e-CommerceLogo SliderForm Maker by 10WebBooster for WooCommerceYi Technologywp-cart-for-digital-productswp-affiliate-platformPhoto Gallery by 10WebMapPress Maps for WordPressEventPrimePopup boxWPQA BuilderWP MultiTaskingPhoto Gallery by 10Web – Mobile-Friendly Image GallerySalon booking systemSimple Download MonitorAutoptimizeVikBooking Hotel Booking Engine & PMSLearnPressNewsletter PopupNinja Forms
CVE IDTitleCVSSSeverityPublished
CVE-2021-24419 WP YouTube Lyte < 1.7.16 - Authenticated Stored XSS — WP YouTube LyteCWE-79 4.8 -2021-07-12
CVE-2021-24451 Export Users With Meta < 0.6.5 - Authenticated SQL Injection — Export Users With MetaCWE-89 7.2 -2021-07-06
CVE-2021-24384 JoomSport < 5.1.8 - Unauthenticated PHP Object Injection — JoomSport – for Sports: Team & League, Football, Hockey & moreCWE-502 9.8 -2021-07-06
CVE-2021-24379 Comments Like Dislike < 1.1.4 - Add Like/Dislike Bypass — Comments Like DislikeCWE-863 5.3 -2021-06-21
CVE-2021-24378 Autoptimize < 2.7.8 - Authenticated Stored XSS via File Upload — AutoptimizeCWE-79 4.8 -2021-06-21
CVE-2021-24377 Autoptimize < 2.7.8 - Race Condition leading to RCE — AutoptimizeCWE-362 8.1 -2021-06-21
CVE-2021-24376 Autoptimize < 2.7.8 - Arbitrary File Upload via "Import Settings" — AutoptimizeCWE-434 9.8 -2021-06-21
CVE-2021-24373 WP Hardening < 1.2.2 - Reflected XSS via historyvalue — WP Hardening – Fix Your WordPress SecurityCWE-79 6.1 -2021-06-21
CVE-2021-24372 WP Hardening < 1.2.2 - Reflected XSS via URI — WP Hardening – Fix Your WordPress SecurityCWE-79 6.1 -2021-06-21
CVE-2021-24367 WP Config File Editor <= 1.7.1 - Authenticated Stored Cross-Site Scripting (XSS) — WP Config File EditorCWE-79 5.4 -2021-06-21
CVE-2021-24366 Admin Columns Free < 4.3 & Pro < 5.5.1 - Admin+ Stored XSS in Label — Admin Columns 5.4 -2021-06-21
CVE-2021-24370 Fancy Product Designer < 4.6.9 - Unauthenticated Arbitrary File Upload and RCE — Fancy Product DesignerCWE-434 9.8 -2021-06-21
CVE-2021-24358 The Plus Addons for Elementor Page Builder < 4.1.10 - Open Redirect — The Plus Addons for Elementor Page BuilderCWE-601 6.1 -2021-06-14
CVE-2021-24359 The Plus Addons for Elementor Page Builder < 4.1.11 - Arbitrary Reset Pwd Email Sending — The Plus Addons for Elementor Page BuilderCWE-284 7.1 -2021-06-14
CVE-2021-24360 Yes/No Chart < 1.0.12 - Authenticated (contributor+) Blind SQL Injection — Yes/No ChartCWE-89 8.1 -2021-06-14
CVE-2021-24349 Gallery From Files <= 1.6.0 - Reflected Cross-Site Scripting (XSS) — Gallery from filesCWE-79 6.1 -2021-06-14
CVE-2021-24350 Visitors <= 0.3 - Unauthenticated Stored Cross-Site Scripting (XSS) — VisitorsCWE-79 6.1 -2021-06-14
CVE-2021-24351 The Plus Addons for Elementor < 4.1.12 - Reflected Cross-Site Scripting (XSS) — The Plus Addons for Elementor Page BuilderCWE-79 6.1 -2021-06-14
CVE-2021-24352 Simple 301 Redirects by BetterLinks - 2.0.0 – 2.0.3 - Unauthenticated Redirect Export — Simple 301 Redirects by BetterLinksCWE-862 6.1 -2021-06-14
CVE-2021-24353 Simple 301 Redirects by BetterLinks - 2.0.0 – 2.0.3 - Unauthenticated Redirect Import — Simple 301 Redirects by BetterLinksCWE-862 6.1 -2021-06-14
CVE-2021-24354 Simple 301 Redirects by BetterLinks - 2.0.0-2.0.3 - Arbitrary Plugin Installation — Simple 301 Redirects by BetterLinksCWE-862 8.8 -2021-06-14
CVE-2021-24355 Simple 301 Redirects by BetterLinks - 2.0.0 – 2.0.3 - Update and Retrieve Wildcard Value — Simple 301 Redirects by BetterLinksCWE-862 4.3 -2021-06-14
CVE-2021-24356 Simple 301 Redirects by BetterLinks - 2.0.0 – 2.0.3 - Arbitrary Plugin Activation — Simple 301 Redirects by BetterLinksCWE-862 8.8 -2021-06-14
CVE-2021-24341 Xllentech English Islamic Calendar < 2.6.8 - Authenticated SQL Injection — Xllentech English Islamic CalendarCWE-89 8.8 -2021-06-14
CVE-2021-24345 Sendit WP Newsletter <= 2.5.1 - Authenticated (admin+) SQL Injection — Sendit WP NewsletterCWE-89 7.2 -2021-06-14
CVE-2021-24346 Stock in & out <= 1.0.4 - Reflected Cross-Site Scripting (XSS) — Stock in & outCWE-79 5.4 -2021-06-14
CVE-2021-24347 SP Project & Document Manager <2 4.22 - Authenticated Shell Upload — SP Project & Document ManagerCWE-178 8.8 -2021-06-14
CVE-2021-24348 Side Menu < 3.1.5 - Authenticated (admin+) SQL Injection — Side Menu – add fixed side buttonsCWE-89 7.2 -2021-06-14
CVE-2021-24337 Video Embed <= 1.0 - Authenticated (subscriber+) SQL Injection — Video EmbedCWE-89 8.8 -2021-06-07
CVE-2021-24342 JNews < 8.0.6 - Reflected Cross-Site Scripting (XSS) — JNewsCWE-79 6.1 -2021-06-07

This page lists every published CVE security advisory associated with Unknown. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.