Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Unknown — Vulnerabilities & Security Advisories 4138

Browse all 4138 CVE security advisories affecting Unknown. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by Unknown:Contest GalleryDownload ManagerTutor LMS – eLearning and online course solutionEventONModern Events Calendar Litewp-eMemberAI ChatBotElementor Website BuilderNinja Forms Contact Form – The Drag and Drop Form Builder for WordPressWelcart e-CommerceLogo SliderForm Maker by 10WebBooster for WooCommerceYi Technologywp-cart-for-digital-productswp-affiliate-platformPhoto Gallery by 10WebMapPress Maps for WordPressEventPrimePopup boxWPQA BuilderWP MultiTaskingPhoto Gallery by 10Web – Mobile-Friendly Image GallerySalon booking systemSimple Download MonitorAutoptimizeVikBooking Hotel Booking Engine & PMSLearnPressNewsletter PopupNinja Forms
CVE IDTitleCVSSSeverityPublished
CVE-2025-1627 Qi Blocks < 1.4 - Contributor+ Stored XSS via ToC Block — Qi Blocks 5.4AIMediumAI2025-05-19
CVE-2025-1626 Qi Blocks < 1.4 - Contributor+ Stored XSS vi Countdown Block — Qi Blocks 5.4AIMediumAI2025-05-19
CVE-2025-1625 Qi Blocks < 1.4 - Contributor+ Stored XSS via Counter Block — Qi Blocks 5.4AIMediumAI2025-05-19
CVE-2025-4190 CSV Mass Importer <= 1.2 - Admin+ Arbitrary File Upload — CSV Mass Importer 7.2AIHighAI2025-05-17
CVE-2022-4363 Wholesale Market <= 2.2.2 - Settings Update via CSRF — Wholesale Market 6.5AIMediumAI2025-05-16
CVE-2025-3516 Simple Lightbox < 2.9.4 - Contributor+ Stored XSS — Simple Lightbox 5.4AIMediumAI2025-05-16
CVE-2025-3201 Kali Forms < 2.4.3 - Contributor+ Stored XSS — Contact Form builder with drag & drop for WordPress 4.8AIMediumAI2025-05-16
CVE-2024-8009 Sensei LMS < 4.20.0 - Teacher+ Users Email Address Disclosure — Sensei LMS 4.3AIMediumAI2025-05-15
CVE-2024-6711 Event Tickets with Ticket Scanner < 2.3.8 - Admin+ Stored XSS — Event Tickets with Ticket Scanner 5.4AIMediumAI2025-05-15
CVE-2024-4091 Responsive Gallery Grid < 2.3.15 - Admin+ Stored XSS — Responsive Gallery Grid 4.8AIMediumAI2025-05-15
CVE-2024-4665 EventPrime – Events Calendar, Bookings and Tickets < 3.5.0 - Subscriber+ Arbitrary booking settings update — EventPrime 4.3AIMediumAI2025-05-15
CVE-2024-3996 Post Grid, Post Carousel, & List Category Posts < 2.4.28 - Editor+ Stored XSS — Smart Post Show 4.8AIMediumAI2025-05-15
CVE-2024-4004 Advanced Cron Manager < 2.5.7 - Admin+ Stored XSS — Advanced Cron Manager 4.8AIMediumAI2025-05-15
CVE-2024-3901 Genesis Blocks <= 3.1.3 - Contributor+ Stored XSS — Genesis Blocks 5.4AIMediumAI2025-05-15
CVE-2024-4002 Carousel, Slider, Gallery by WP Carousel < 2.6.9 - Editor+ Stored XSS — Carousel, Slider, Gallery by WP Carousel 4.8AIMediumAI2025-05-15
CVE-2024-3062 Save as PDF by Pdfcrowd < 3.2.2 - Admin+ Stored XSS — Save as Image Plugin by Pdfcrowd 4.8AIMediumAI2025-05-15
CVE-2024-1663 Ultimate Noindex Nofollow Tool II < 1.3.6 - Admin+ Stored XSS — Ultimate Noindex Nofollow Tool II 4.8AIMediumAI2025-05-15
CVE-2024-2869 Easy Property Listings <= 3.5.3 - Admin+ Stored XSS — Easy Property Listings 4.8AIMediumAI2025-05-15
CVE-2024-2643 My Sticky Bar < 2.6.8 - Admin+ Stored XSS — Floating Notification Bar, Sticky Menu on Scroll, Announcement Banner, and Sticky Header for Any Theme 4.8AIMediumAI2025-05-15
CVE-2024-12767 BuddyBoss platform < 2.7.60 - Private Comment Exposure via IDOR — buddyboss-platform 4.3AIMediumAI2025-05-15
CVE-2024-0970 User Activity Tracking and Log < 4.1.4 - IP Spoofing — User Activity Tracking and Log 7.5AIHighAI2025-05-15
CVE-2024-0852 coreActivity < 1.8.1 - Unauthenticated Stored XSS — coreActivity: Activity Logging for WordPress 6.1AIMediumAI2025-05-15
CVE-2024-0249 Advanced Schedule Posts <= 2.1.8 - Reflected XSS — Advanced Schedule Posts 6.1AIMediumAI2025-05-15
CVE-2023-7297 TwitterPosts <= 1.0.2 - Settings Update via CSRF — TwitterPosts 4.3AIMediumAI2025-05-15
CVE-2023-7230 illi Link Party! <= 1.0 - Admin+ Stored Cross-Site Scripting — illi Link Party! 5.4AIMediumAI2025-05-15
CVE-2023-7231 illi Link Party! <= 1.0 - Unauthenticated Arbitrary Link Deletion — illi Link Party! 5.3AIMediumAI2025-05-15
CVE-2023-7239 wp-dashboard-notes < 1.0.11 - Contributor+ Arbitrary Private Notes Update via IDOR — WP Dashboard Notes 4.3AIMediumAI2025-05-15
CVE-2023-7228 illi Link Party! <= 1.0 - Unauthenticated Stored XSS — illi Link Party! 6.1AIMediumAI2025-05-15
CVE-2023-7229 illi Link Party! <= 1.0 - Settings Update via CSRF — illi Link Party! 4.3AIMediumAI2025-05-15
CVE-2023-7195 WP-Reply Notify <= 1.1 - Settings Update via CSRF — WP-Reply Notify 4.3AIMediumAI2025-05-15

This page lists every published CVE security advisory associated with Unknown. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.