unknown — Vulnerabilities & Security Advisories 4138

Browse all 4138 CVE security advisories affecting unknown. AI-powered Chinese analysis, POCs, and references for each vulnerability.

CVE ID	Title	CVSS	Severity	Published
CVE-2024-4271	SVGator <= 1.2.6 - Stored XSS via SVG Upload — SVGator	5.4^AI	Medium^AI	2024-06-14
CVE-2024-4270	SVGMagic <= 1.1 - Stored XSS via SVG Upload — SVGMagic	5.4^AI	Medium^AI	2024-06-14
CVE-2024-3977	WordPress Jitsi Shortcode <= 0.1 - Admin+ Stored XSS — WordPress Jitsi Shortcode	4.8^AI	Medium^AI	2024-06-14
CVE-2024-4005	Social Pixel <= 2.1 - Admin+ Stored XSS — Social Pixel	4.8^AI	Medium^AI	2024-06-14
CVE-2024-3993	AZAN Plugin <= 0.6 - Stored XSS via CSRF — AZAN Plugin	6.1^AI	Medium^AI	2024-06-14
CVE-2024-3992	Amen <= 3.3.1 - Admin+ Stored XSS — Amen	4.8^AI	Medium^AI	2024-06-14
CVE-2024-3978	WordPress Jitsi Shortcode <= 0.1 - Contributor+ Stored XSS via Shortcode — WordPress Jitsi Shortcode	5.4^AI	Medium^AI	2024-06-14
CVE-2024-3754	Alemha Watermarker <= 1.3.1 - Author+ Stored XSS — Alemha watermarker	4.8^AI	Medium^AI	2024-06-14
CVE-2024-3965	Pray For Me <= 1.0.4 - Settings Update via CSRF — Pray For Me	4.3^AI	Medium^AI	2024-06-14
CVE-2024-3971	Similarity <= 3.0 - Plugin Reset via CSRF — Similarity	4.3^AI	Medium^AI	2024-06-14
CVE-2024-3966	Pray For Me <= 1.0.4 - Unauthenticated Stored XSS — Pray For Me	6.1^AI	Medium^AI	2024-06-14
CVE-2024-3972	Similarity <= 3.0 - Stored XSS via CSRF — Similarity	6.1^AI	Medium^AI	2024-06-14
CVE-2024-2218	LuckyWP Table of Contents <= 2.1.4 - Admin+ Stored XSS — LuckyWP Table of Contents	4.8^AI	Medium^AI	2024-06-14
CVE-2024-1295	The Events Calendar (Free < 6.4.0.1, Pro < 6.4.0.1) - Contributor+ Arbitrary Events Access — events-calendar-pro	4.3^AI	Medium^AI	2024-06-14
CVE-2024-4149	Floating Chat Widget < 3.2.3 - Admin+ Stored XSS — Floating Chat Widget: Contact Chat Icons, WhatsApp, Telegram Chat, Line Messenger, WeChat, Email, SMS, Call Button	4.8^AI	Medium^AI	2024-06-13
CVE-2024-3552	Web Directory Free < 1.7.0 - Unauthenticated SQL Injection — Web Directory Free	9.8^AI	Critical^AI	2024-06-13
CVE-2024-4145	Search & Replace < 3.2.2 - Admin+ SQL injection — Search & Replace	7.2^AI	High^AI	2024-06-13
CVE-2024-3032	Themify Builder < 7.5.8 - Open Redirect — Themify Builder	6.1^AI	Medium^AI	2024-06-13
CVE-2024-2762	FooGallery < 2.4.15 - Author+ Stored XSS — FooGallery	5.4^AI	Medium^AI	2024-06-13
CVE-2024-4924	Sassy social share < 3.3.63 Admin+ Stored Cross-Site scripting — Social Sharing Plugin	4.8^AI	Medium^AI	2024-06-12
CVE-2024-0427	Arforms < 6.4.1 - Reflected XSS — ARForms - Premium WordPress Form Builder Plugin	9.3^AI	Critical^AI	2024-06-12
CVE-2024-4621	ArForms < 6.6 - Admin+ Stored XSS — ARForms - Premium WordPress Form Builder Plugin	4.8	-	2024-06-07
CVE-2024-5003	WP Stacker <= 1.8.5 - Stored XSS via CSRF — WP Stacker	6.1	-	2024-06-07
CVE-2024-4756	WP Backpack <= 2.1 - Admin+ Stored XSS — WP Backpack	4.8	-	2024-06-07
CVE-2024-4620	ArForms < 6.6 - Unauthenticated RCE — ARForms - Premium WordPress Form Builder Plugin	9.8	-	2024-06-07
CVE-2024-3288	Logo Slider < 4.0.0 - Contributor+ Stored XSS — Logo Slider	5.4	-	2024-06-07
CVE-2024-4886	BuddyBoss Platform < 2.6.0 - Subscriber+ Comment on Private Post via IDOR — buddyboss-platform	4.3^AI	Medium^AI	2024-06-05
CVE-2024-0756	Insert or Embed Articulate Content into WordPress <= 4.3000000023 - Iframe Injection — Insert or Embed Articulate Content into WordPress	7.1^AI	High^AI	2024-06-04
CVE-2024-4749	WP eMember < 10.3.9 - Reflected XSS — wp-eMember	6.1^AI	Medium^AI	2024-06-04
CVE-2024-4180	The Events Calendar < 6.4.0.1 - Reflected XSS — The Events Calendar	6.1^AI	Medium^AI	2024-06-04

This page lists every published CVE security advisory associated with unknown. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.

Goal Reached Thanks to every supporter — we hit 100%!

unknown — Vulnerabilities & Security Advisories 4138