unknown — Vulnerabilities & Security Advisories 4138

Browse all 4138 CVE security advisories affecting unknown. AI-powered Chinese analysis, POCs, and references for each vulnerability.

CVE ID	Title	CVSS	Severity	Published
CVE-2024-3368	All in One SEO < 4.6.1.1 - Contributor+ Stored XSS — All in One SEO	5.4^AI	Medium^AI	2024-05-20
CVE-2024-3580	Popup4Phone <= 1.3.2 - Editor+ Stored XSS — Popup4Phone	4.8	-	2024-05-17
CVE-2024-2744	Nextgen Gallery < 3.59.1 - Admin+ Stored XSS — NextGEN Gallery	4.8	-	2024-05-17
CVE-2024-3231	Popup4Phone <= 1.3.2 - Unauthenticated Stored XSS — Popup4Phone	6.1	-	2024-05-17
CVE-2024-2697	Swift Framework < 2024.0.0 - Contributor+ Stored XSS via Shortcode — socialdriver-framework	5.4	-	2024-05-17
CVE-2024-3644	Newsletter Popup <= 1.2 - Admin+ Stored XSS — Newsletter Popup	4.8^AI	Medium^AI	2024-05-16
CVE-2024-3643	Newsletter Popup <= 1.2 - List Deletion via CSRF — Newsletter Popup	4.3^AI	Medium^AI	2024-05-16
CVE-2024-3642	Newsletter Popup <= 1.2 - Subscriber Deletion via CSRF — Newsletter Popup	4.3^AI	Medium^AI	2024-05-16
CVE-2024-3641	Newsletter Popup <= 1.2 - Unauthenticated Stored XSS — Newsletter Popup	6.1^AI	Medium^AI	2024-05-16
CVE-2024-3822	Base64 Encoder/Decoder <= 0.9.2 - Reflected XSS — Base64 Encoder/Decoder	6.1^AI	Medium^AI	2024-05-15
CVE-2024-3749	SP Project & Document Manager <= 4.71 - Subscriber+ File Download via IDOR — SP Project & Document Manager	6.5^AI	Medium^AI	2024-05-15
CVE-2024-3824	Base64 Encoder/Decoder <= 0.9.2 - Settings Reset via CSRF — Base64 Encoder/Decoder	4.3^AI	Medium^AI	2024-05-15
CVE-2024-3823	Base64 Encoder/Decoder <= 0.9.2 - Stored XSS via CSRF — Base64 Encoder/Decoder	6.1^AI	Medium^AI	2024-05-15
CVE-2024-3629	HL Twitter <= 2014.1.18 - Settings Update via CSRF — HL Twitter	4.3^AI	Medium^AI	2024-05-15
CVE-2024-3630	HL Twitter <= 2014.1.18 - Admin+ Stored XSS via Widget — HL Twitter	4.8^AI	Medium^AI	2024-05-15
CVE-2024-3634	month name translation benaceur < 2.3.8 - Admin+ Stored XSS — month name translation benaceur	4.8^AI	Medium^AI	2024-05-15
CVE-2024-3631	HL Twitter <= 2014.1.18 - Unlink Twitter Account via CSRF — HL Twitter	8.1^AI	High^AI	2024-05-15
CVE-2024-3748	SP Project & Document Manager <= 4.71 - Data Update via IDOR — SP Project & Document Manager	4.3^AI	Medium^AI	2024-05-15
CVE-2024-3406	WP Prayer <= 2.0.9 - Email Settings Update via CSRF — WP Prayer	4.3^AI	Medium^AI	2024-05-15
CVE-2024-3407	WP Prayer <= 2.0.9 - Arbitrary Prayer Deletion via CSRF — WP Prayer	8.1^AI	High^AI	2024-05-15
CVE-2024-3548	Shortcodes Ultimate < 7.1.2 - Contributor+ Stored XSS — WP Shortcodes Plugin — Shortcodes Ultimate	6.1^AI	Medium^AI	2024-05-15
CVE-2024-3405	WP Prayer <= 2.0.9 - Settings Update via CSRF — WP Prayer	4.3^AI	Medium^AI	2024-05-15
CVE-2024-3241	Ultimate Blocks < 3.1.7 - Contributor+ Stored XSS — Ultimate Blocks	5.4	-	2024-05-14
CVE-2024-3239	PostX < 4.0.2 - Contributor+ Stored XSS — Post Grid Gutenberg Blocks and WordPress Blog Plugin	5.4	-	2024-05-13
CVE-2024-3941	reCAPTCHA Jetpack <= 0.2.2 - Stored XSS via CSRF — reCAPTCHA Jetpack	6.1	-	2024-05-10
CVE-2024-3940	reCAPTCHA Jetpack <= 0.2.2 - Settings Update via CSRF — reCAPTCHA Jetpack	4.3	-	2024-05-10
CVE-2024-2749	VikBooking < 1.6.8 - Broken Access Control — VikBooking Hotel Booking Engine & PMS	6.5	-	2024-05-10
CVE-2024-2441	VikBooking < 1.6.8 - Insecure Direct Object References — VikBooking Hotel Booking Engine & PMS	4.3	-	2024-05-10
CVE-2024-3590	LetterPress <= 1.2.2 - Subscriber Deletion via CSRF — LetterPress	6.5	-	2024-05-09
CVE-2024-3903	Add Custom CSS and JS <= 1.20 - Stored XSS via CSRF — Add Custom CSS and JS	6.1	-	2024-05-09

This page lists every published CVE security advisory associated with unknown. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.

Goal Reached Thanks to every supporter — we hit 100%!

unknown — Vulnerabilities & Security Advisories 4138