Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Unknown — Vulnerabilities & Security Advisories 4138

Browse all 4138 CVE security advisories affecting Unknown. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by Unknown:Contest GalleryDownload ManagerTutor LMS – eLearning and online course solutionEventONModern Events Calendar Litewp-eMemberAI ChatBotElementor Website BuilderNinja Forms Contact Form – The Drag and Drop Form Builder for WordPressWelcart e-CommerceLogo SliderForm Maker by 10WebBooster for WooCommerceYi Technologywp-cart-for-digital-productswp-affiliate-platformPhoto Gallery by 10WebMapPress Maps for WordPressEventPrimePopup boxWPQA BuilderWP MultiTaskingPhoto Gallery by 10Web – Mobile-Friendly Image GallerySalon booking systemSimple Download MonitorAutoptimizeVikBooking Hotel Booking Engine & PMSLearnPressNewsletter PopupNinja Forms
CVE IDTitleCVSSSeverityPublished
CVE-2024-10482 Media Library Tools < 1.5.0 - Author+ Stored XSS via SVG — Media File Rename, Find Unused File, Add Alt text, Caption, Desc For Image SEO 5.4 -2024-11-21
CVE-2024-10515 SEO Plugin by Squirrly SEO < 12.3.21 - Editor+ Stored XSS — SEO Plugin by Squirrly SEO 6.1AIMediumAI2024-11-20
CVE-2024-10103 MailPoet < 5.3.2 - Admin+ Stored XSS — MailPoet 6.1AIMediumAI2024-11-19
CVE-2024-5030 CM Table Of Contents – WordPress TOC Plugin < 1.2.3 - Settings Reset via CSRF — CM Table Of Contents 8.8AIHighAI2024-11-18
CVE-2024-9529 Secure Custom Fields < 6.3.6.3 - Admin+ Remote Code Execution — Secure Custom Fields 7.2AIHighAI2024-11-15
CVE-2024-10104 Jobs for WordPress < 2.7.8 - Contributor+ Stored XSS — Jobs for WordPress 4.8AIMediumAI2024-11-15
CVE-2024-9186 Automation By Autonami < 3.3.0 - Unauthenticated SQLi — Recover WooCommerce Cart Abandonment, Newsletter, Email Marketing, Marketing Automation By FunnelKit 9.8AICriticalAI2024-11-14
CVE-2024-10146 Simple File List < 6.1.13 - Reflected Cross-Site Scripting — Simple File List 6.1 -2024-11-14
CVE-2024-10820 WooCommerce Upload Files <= 84.3 - Unauthenticated Arbitrary File Upload — WooCommerce Upload FilesCWE-434 9.8 Critical2024-11-13
CVE-2024-9836 RSS Feed Widget < 3.0.0 - Contributor+ Stored XSS — RSS Feed Widget 5.4AIMediumAI2024-11-12
CVE-2024-9835 RSS Feed Widget < 3.0.1 - Reflected XSS — RSS Feed Widget 6.1AIMediumAI2024-11-12
CVE-2024-7982 Registrations for The Events Calendar < 2.12.4 - Unauthenticated Stored XSS — Registrations for the Events Calendar 6.1 -2024-11-08
CVE-2024-8378 Safe SVG < 2.2.6 - Author+ SVG Sanitisation Bypass — Safe SVG 8.2AIHighAI2024-11-07
CVE-2024-9926 Jetpack < 13.9.1 - Subscriber+ Arbitrary Feedback Access — Jetpack 4.3AIMediumAI2024-11-07
CVE-2024-10027 WP Booking Calendar < 10.6.3 - Admin+ Stored XSS — WP Booking Calendar 4.8AIMediumAI2024-11-07
CVE-2024-9934 Wp-ImageZoom <= 1.1.0 - Reflected XSS — Wp-ImageZoom 6.1AIMediumAI2024-11-06
CVE-2024-7879 WP ULike < 4.7.5 - Admin+ Stored XSS via Widgets — WP ULike 4.8AIMediumAI2024-11-06
CVE-2024-9883 Pods < 3.2.7.1 - Admin+ Stored XSS — Pods 4.8AIMediumAI2024-11-05
CVE-2024-7877 Appointment Booking Calendar < 1.6.7.55 - Admin+ Stored XSS — Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin 4.8AIMediumAI2024-11-05
CVE-2024-9689 Post From Frontend <= 1.0.0 - Post Deletion via CSRF — Post From Frontend 6.5AIMediumAI2024-11-05
CVE-2024-7876 Appointment Booking Calendar < 1.6.7.55 - Admin+ Stored XSS — Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin 4.8AIMediumAI2024-11-05
CVE-2024-5578 Table of Contents Plus <= 2408 - Editor+ Stored XSS — Table of Contents Plus 4.8AIMediumAI2024-11-05
CVE-2024-8444 Download Manager < 3.3.00 - Contributor+ Stored XSS — Download Manager 6.1AIMediumAI2024-10-30
CVE-2024-8625 TS Poll – Survey, Versus Poll, Image Poll, Video Poll < 2.4.0 - Admin+ SQL Injection — TS Poll 7.2AIHighAI2024-10-21
CVE-2024-5429 Logo Slider < 4.1.0 - Contributor+ Stored XSS — Logo Slider 5.4AIMediumAI2024-10-17
CVE-2024-9796 WP-Advanced-Search < 3.3.9.2 - Unauthenticated SQL Injection — WP-Advanced-Search 9.8AICriticalAI2024-10-10
CVE-2024-9156 TI WooCommerce Wishlist <= 2.8.2 - Unauthenticated SQL Injection via lang parameters — TI WooCommerce Wishlist 7.5AIHighAI2024-10-10
CVE-2024-5968 Photo Gallery by 10Web <= 1.8.27 - Admin+ Stored XSS — Photo Gallery by 10Web 4.8AIMediumAI2024-10-09
CVE-2024-9021 Relevanssi < 4.23.1 - Contributor+ Stored XSS — Relevanssi 6.1AIMediumAI2024-10-08
CVE-2024-8983 Custom Twitter Feeds < 2.2.3 - Admin+ Stored XSS — Custom Twitter Feeds 6.9AIMediumAI2024-10-08

This page lists every published CVE security advisory associated with Unknown. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.