Unknown — Vulnerabilities & Security Advisories 4138

Browse all 4138 CVE security advisories affecting Unknown. AI-powered Chinese analysis, POCs, and references for each vulnerability.

CVE ID	Title	CVSS	Severity	Published
CVE-2025-2563	User Registration & Membership < 4.1.2- Unauthenticated Privilege Escalation — User Registration & Membership	9.8^AI	Critical^AI	2025-04-14
CVE-2024-9230	PowerPress Podcasting < 11.9.18 - Author+ XSS via Podcast URL — PowerPress Podcasting plugin by Blubrry	5.4^AI	Medium^AI	2025-04-14
CVE-2024-13896	WP-GeSHi-Highlight <= 1.4.3 - Author+ ReDoS — WP-GeSHi-Highlight — rock-solid syntax highlighting for 259 languages	7.5^AI	High^AI	2025-04-10
CVE-2024-13874	Feedify – Web Push Notifications < 2.4.6 - Reflected XSS — Feedify	6.1^AI	Medium^AI	2025-04-10
CVE-2024-8243	Plugin Upgrade Time Out <= 1.0 - Stored XSS via CSRF — WordPress/Plugin Upgrade Time Out Plugin	6.1^AI	Medium^AI	2025-04-09
CVE-2024-6860	WP MultiTasking <= 0.1.12 - Permalink Suffix Update via CSRF — WP MultiTasking	7.1^AI	High^AI	2025-04-09
CVE-2024-6857	WP MultiTasking <= 0.1.12 - Header/Footer/Body Script Update via CSRF — WP MultiTasking	8.3^AI	High^AI	2025-04-09
CVE-2025-2279	Maps - Google Maps <= 1.0.6 - Contributor+ Stored XSS — Maps	5.4^AI	Medium^AI	2025-04-04
CVE-2025-2055	MapPress Maps for WordPress < 2.94.9 - Contributor+ Stored XSS — MapPress Maps for WordPress	5.4^AI	Medium^AI	2025-04-03
CVE-2025-2048	Lana Downloads Manager < 1.10.0 - Admin+ Arbitrary File Download via Path Traversal — Lana Downloads Manager	4.9	-	2025-04-01
CVE-2025-1986	Gutentor < 3.4.7 - Admin+ SQL Injection — Gutentor	7.2	-	2025-04-01
CVE-2025-0613	Photo Gallery < 1.8.34 - Unauthenticated Stored XSS — Photo Gallery by 10Web	6.1	-	2025-03-31
CVE-2025-1762	Event Tickets with Ticket Scanner < 2.5.4 - Arbitrary Tickets Deletion via CSRF — Event Tickets with Ticket Scanner	4.3	-	2025-03-28
CVE-2024-13146	Booknetic < 4.1.5 - Staff Creation via CSRF — Booknetic	6.5^AI	Medium^AI	2025-03-26
CVE-2024-12683	Smart Maintenance Mode < 1.5.2 - Admin+ Stored XSS — Smart Maintenance Mode	4.8^AI	Medium^AI	2025-03-26
CVE-2024-11847	WP SVG Upload <= 1.0.0 - Author+ Stored XSS via SVG — wp-svg-upload	5.4^AI	Medium^AI	2025-03-26
CVE-2025-1798	Design Comuni Italia < 1.1.2 - Unauthenticated Stored XSS — design-comuni-wordpress-theme	6.1	-	2025-03-25
CVE-2024-13863	Stylish Google Sheet Reader < 4.1 - Reflected XSS — Stylish Google Sheet Reader 4.0	6.1	-	2025-03-25
CVE-2025-1452	Favorites < 2.3.5 - Admin+ Stored XSS — Favorites	4.8	-	2025-03-25
CVE-2024-9770	WP-Recall < 16.26.12 - Admin+ SQL Injection — WP-Recall	7.2	-	2025-03-25
CVE-2025-0717	Social Slider Feed < 2.2.9 - Admin+ Stored XSS — Social Slider Feed	9.3	-	2025-03-25
CVE-2024-13122	AFI < 1.100.0 - Admin+ Stored XSS — AFI	4.8	-	2025-03-25
CVE-2024-13617	Downloable by American Osteopathic Association <= 0.1.0 - Unauthenticated Arbitrary File Download — aoa-downloadable	7.5	-	2025-03-25
CVE-2024-13618	Downloable by American Osteopathic Association <= 0.1.0 - Unauthenticated SSRF — aoa-downloadable	7.5	-	2025-03-25
CVE-2024-13123	AFI < 1.100.0 - Admin+ Stored XSS — AFI	4.8	-	2025-03-25
CVE-2024-13118	IP Based Login < 2.4.1 - Log Deletion via CSRF — IP Based Login	4.3	-	2025-03-25
CVE-2024-12769	Simple Banner < 3.0.4 - Admin+ Stored XSS — Simple Banner	4.8	-	2025-03-25
CVE-2024-12682	Smart Maintenance Mode < 1.5.2 - Admin+ Stored XSS — Smart Maintenance Mode	4.8	-	2025-03-25
CVE-2024-11503	WP Tabs < 2.2.7 - Admin+ Stored XSS — WP Tabs	4.8	-	2025-03-25
CVE-2024-12109	Product Labels For Woocommerce < 1.5.9 - Admin+ SQLi — Product Labels For Woocommerce (Sale Badges)	7.2	-	2025-03-25

This page lists every published CVE security advisory associated with Unknown. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.

Goal Reached Thanks to every supporter — we hit 100%!

Unknown — Vulnerabilities & Security Advisories 4138