Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Unknown — Vulnerabilities & Security Advisories 4138

Browse all 4138 CVE security advisories affecting Unknown. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by Unknown:Contest GalleryDownload ManagerTutor LMS – eLearning and online course solutionEventONModern Events Calendar Litewp-eMemberAI ChatBotElementor Website BuilderNinja Forms Contact Form – The Drag and Drop Form Builder for WordPressWelcart e-CommerceLogo SliderForm Maker by 10WebBooster for WooCommerceYi Technologywp-cart-for-digital-productswp-affiliate-platformPhoto Gallery by 10WebMapPress Maps for WordPressEventPrimePopup boxWPQA BuilderWP MultiTaskingPhoto Gallery by 10Web – Mobile-Friendly Image GallerySalon booking systemSimple Download MonitorAutoptimizeVikBooking Hotel Booking Engine & PMSLearnPressNewsletter PopupNinja Forms
CVE IDTitleCVSSSeverityPublished
CVE-2025-8280 Contact Form 7 reCAPTCHA <= 1.2.0 - Reflected XSS via $_SERVER['REQUEST_URI'] — Contact Form 7 reCAPTCHA 6.1 -2025-09-12
CVE-2025-3650 jQuery Colorbox <= 4.6.3 - Contributor+ Stored XSS — jQuery Colorbox 5.4 -2025-09-12
CVE-2025-9034 Wp Edit Password Protected < 1.3.5 - Open Redirect — Wp Edit Password Protected 6.1AIMediumAI2025-09-11
CVE-2025-9111 WPBOT < 7.1.0 - Admin+ Stored XSS — AI ChatBot for WordPress 4.8AIMediumAI2025-09-09
CVE-2025-8889 Compress Then Upload < 1.0.5 - Admin+ Arbitrary File Upload — Compress & Upload 7.2AIHighAI2025-09-09
CVE-2025-8085 Ditty < 3.1.58 - Unauthenticated SSRF — Ditty 5.3AIMediumAI2025-09-08
CVE-2025-8944 OceanWP < 4.1.2 - Subscriber+ Limited Option Update — OceanWP 4.3AIMediumAI2025-09-05
CVE-2023-3666 Sticky Side Buttons < 2.0.0 - Admin+ Stored XSS — Sticky Side Buttons 4.8AIMediumAI2025-09-03
CVE-2025-8281 WP Talroo <= 2.4 - Reflected XSS — WP Talroo 6.1 -2025-08-22
CVE-2025-8113 Ebook Store < 5.8015 - Reflected XSS via $_SERVER['REQUEST_URI'] — Ebook Store 6.1AIMediumAI2025-08-16
CVE-2025-8047 Multiple Plugins from itayamar - Supply Chain Compromise — disable-right-click-powered-by-pixterme 6.5AIMediumAI2025-08-14
CVE-2025-5998 PPWP < 1.9.11 - Subscriber+ Access Bypass via REST API — PPWP – Password Protect Pages 6.5AIMediumAI2025-08-14
CVE-2025-8046 Injection Guard < 1.2.8 - Reflected XSS via $_SERVER['REQUEST_URI'] — Injection Guard 6.1AIMediumAI2025-08-14
CVE-2025-7808 WP Shopify < 1.5.4 - Reflected XSS — WP Shopify 6.1AIMediumAI2025-08-14
CVE-2025-6790 QSM < 10.2.3 - Template Creation via CSRF — Quiz and Survey Master (QSM) 4.3AIMediumAI2025-08-14
CVE-2025-3414 Structured Content < 1.7.0 - Contributor Stored XSS — Structured Content (JSON-LD) #wpsc 5.4AIMediumAI2025-08-14
CVE-2025-6715 Latepoint < 5.1.94 - Unauthenticated LFI — LatePoint 9.8AICriticalAI2025-08-13
CVE-2025-7965 CBX Restaurant Booking <= 1.2.1 - Plugin Reset via CSRF — CBX Restaurant Booking 4.3AIMediumAI2025-08-11
CVE-2025-6572 OpenStreetMap for Gutenberg and WPBakery Page Builder <= 1.2.0 - Contributor+ Stored XSS — OpenStreetMap for Gutenberg and WPBakery Page Builder (formerly Visual Composer) 5.4 -2025-08-08
CVE-2025-5921 SureForms < 1.7.2 - Reflected XSS — SureForms 6.1 -2025-08-01
CVE-2025-7022 My Reservation System <= 2.3 - Reflected XSS — My Reservation System 6.1 -2025-07-25
CVE-2025-6174 WordPress Qwizcards <= 3.9.4 - Reflected XSS — Qwizcards | online quizzes and flashcards 6.1 -2025-07-23
CVE-2015-10140 Ajax Load More < 2.8.1.2 - Subscriber+ File Upload & Deletion — Ajax Load More 8.1 -2025-07-22
CVE-2025-4302 Stop User Enumeration < 1.7.3 - Protection Bypass — Stop User Enumeration 5.3AIMediumAI2025-07-17
CVE-2025-6200 GeoDirectory < 2.8.120 - Contributor+ Stored XSS — GeoDirectory 5.4AIMediumAI2025-07-11
CVE-2025-2942 Order Delivery Date Pro for WooCommerce < 12.6.0 - Unauthenticated Arbitrary Post Title Disclosure — Order Delivery Date 5.3AIMediumAI2025-07-11
CVE-2025-6236 Hostel < 1.1.5.9 - Admin+ Stored XSS — Hostel 4.8 -2025-07-10
CVE-2025-6234 Hostel < 1.1.5.8 - Reflected XSS — Hostel 6.1 -2025-07-10
CVE-2025-5920 Sharable Password Protected Posts < 1.1.1 - Unauthenticated Password Protect Post Access — Sharable Password Protected Posts 7.5 -2025-07-04
CVE-2025-5730 Easy Contact Form Lite < 1.1.29 - Contributor+ Stored XSS — Contact Form Plugin 4.8 -2025-06-30

This page lists every published CVE security advisory associated with Unknown. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.