Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

unknown — Vulnerabilities & Security Advisories 4138

Browse all 4138 CVE security advisories affecting unknown. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by unknown:Contest GalleryDownload ManagerTutor LMS – eLearning and online course solutionEventONModern Events Calendar Litewp-eMemberAI ChatBotElementor Website BuilderNinja Forms Contact Form – The Drag and Drop Form Builder for WordPressWelcart e-CommerceLogo SliderForm Maker by 10WebBooster for WooCommerceYi Technologywp-cart-for-digital-productswp-affiliate-platformPhoto Gallery by 10WebMapPress Maps for WordPressEventPrimePopup boxWPQA BuilderWP MultiTaskingPhoto Gallery by 10Web – Mobile-Friendly Image GallerySalon booking systemSimple Download MonitorAutoptimizeVikBooking Hotel Booking Engine & PMSLearnPressNewsletter PopupNinja Forms
CVE IDTitleCVSSSeverityPublished
CVE-2023-6447 EventPrime < 3.3.6 - Unauthenticated Event Access — EventPrime 5.3 -2024-01-22
CVE-2023-7082 WP All Import < 3.7.3 - Admin+ Arbitrary File Upload to RCE — Import any XML or CSV File to WordPress 7.2 -2024-01-22
CVE-2023-6626 Product Enquiry for WooCommerce < 3.1 - Admin+ Stored XSS — Product Enquiry for WooCommerce 4.8 -2024-01-22
CVE-2023-6456 WP Review Slider < 13.0 - Admin+ Stored XSS — WP Review Slider 4.8 -2024-01-22
CVE-2023-6290 WP SEO Press < 7.3 - Admin+ Stored XSS — SEOPress 4.8 -2024-01-22
CVE-2023-7194 Meris <= 1.1.2 - Reflected XSS — Meris 6.1 -2024-01-22
CVE-2023-6384 WP User Profile Avatar < 1.0.1 - Author+ Avatar Deletion/Update via IDOR — WP User Profile Avatar 4.3 -2024-01-22
CVE-2023-6625 Product Enquiry for WooCommerce < 3.1 - Arbitrary Enquiry Deletion via CSRF — Product Enquiry for WooCommerce 4.3 -2024-01-22
CVE-2023-7170 EventON-RSVP < 2.9.5 - Reflected XSS — EventON-RSVP 6.1 -2024-01-22
CVE-2023-5006 WP Discord Invite < 2.5.1 - Arbitrary Settings Update via CSRF — WP Discord Invite 8.8 -2024-01-17
CVE-2023-5041 Track The Click < 0.3.12 - Author+ Time-Based Blind SQL Injection — Track The Click 8.8 -2024-01-17
CVE-2023-7151 Product Enquiry for WooCommerce < 3.2 - Reflected XSS — Product Enquiry for WooCommerce 6.1 -2024-01-16
CVE-2023-6373 ArtPlacer Widget < 2.20.7 - Editor+ SQLi — ArtPlacer Widget 8.0 -2024-01-16
CVE-2023-6292 Ecwid Ecommerce Shopping Cart < 6.12.5 - Arbitrary Plugin Settings Change via CSRF — Ecwid Ecommerce Shopping Cart 4.3 -2024-01-16
CVE-2023-5922 Royal Elementor Addons and Templates < 1.3.81 - Unauthenticated Arbitrary Post Read — Royal Elementor Addons and Templates 5.3 -2024-01-16
CVE-2024-0238 EventON (Free < 2.2.8, Premium < 4.5.6) - Unauthenticated Arbitrary Post Metadata Update — EventON Premium 5.3 -2024-01-16
CVE-2023-7125 Community by PeepSo < 6.3.1.2 - User Post Creation via CSRF — Community by PeepSo 8.1 -2024-01-16
CVE-2023-7083 Voting Record <= 2.0 - Settings Update to Stored XSS via CSRF — Voting Record 6.1 -2024-01-16
CVE-2024-0239 Contact Form 7 Connector < 1.2.3 - Reflected XSS — Contact Form 7 Connector 6.1 -2024-01-16
CVE-2024-0235 EventON (Free < 2.2.8, Premium < 4.5.5) - Unauthenticated Email Address Disclosure — EventON 5.3 -2024-01-16
CVE-2023-6732 Ultimate Maps by Supsystic < 1.2.16 - Admin+ Stored XSS — Ultimate Maps by Supsystic 4.8 -2024-01-16
CVE-2023-7084 Voting Record <= 2.0 - Subscriber+ Stored XSS — Voting Record 5.4 -2024-01-16
CVE-2023-7154 Hubbub Lite < 1.32.0 - Admin+ Stored XSS — Hubbub Lite (formerly Grow Social) 4.8 -2024-01-16
CVE-2023-6005 EventON (Free < 2.2.7, Premium < 4.5.5) - Admin+ Stored Cross-Site Scripting — EventON 4.8 -2024-01-16
CVE-2024-0233 EventON (Free < 2.2.8, Premium < 4.5.5) - Reflected XSS — EventON 6.1 -2024-01-16
CVE-2023-6592 FastDup – Fastest WordPress Migration & Duplicator < 2.2 - Directory Listing to Account Takeover and Sensitive Data Exposure — FastDup 8.2 -2024-01-16
CVE-2024-0187 Community by PeepSo < 6.3.1.2 - Reflected XSS — Community by PeepSo 6.1 -2024-01-16
CVE-2023-6824 WP Customer Area < 8.2.1 - Subscriber+ Account Address Leak — WP Customer Area 4.3 -2024-01-16
CVE-2024-0237 EventON (Free < 2.2.9, Premium <= 4.5.8) - Unauthenticated Virtual Event Settings Update — EventON Premium 5.3 -2024-01-16
CVE-2024-0236 EventON (Free < 2.2.8, Premium < 4.5.5) - Unauthenticated Virtual Event Password Disclosure — EventON 5.3 -2024-01-16

This page lists every published CVE security advisory associated with unknown. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.