Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

unknown — Vulnerabilities & Security Advisories 4138

Browse all 4138 CVE security advisories affecting unknown. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by unknown:Contest GalleryDownload ManagerTutor LMS – eLearning and online course solutionEventONModern Events Calendar Litewp-eMemberAI ChatBotElementor Website BuilderNinja Forms Contact Form – The Drag and Drop Form Builder for WordPressWelcart e-CommerceLogo SliderForm Maker by 10WebBooster for WooCommerceYi Technologywp-cart-for-digital-productswp-affiliate-platformPhoto Gallery by 10WebMapPress Maps for WordPressEventPrimePopup boxWPQA BuilderWP MultiTaskingPhoto Gallery by 10Web – Mobile-Friendly Image GallerySalon booking systemSimple Download MonitorAutoptimizeVikBooking Hotel Booking Engine & PMSLearnPressNewsletter PopupNinja Forms
CVE IDTitleCVSSSeverityPublished
CVE-2023-6741 WP Customer Area < 8.2.1 - Subscriber+ Account Address Update — WP Customer Area 4.3 -2024-01-16
CVE-2023-4703 All in One B2B for WooCommerce <= 1.0.3 - Unauthenticated Privilege Escalation — All in One B2B for WooCommerce 7.5 -2024-01-16
CVE-2023-4797 Newsletter Lite < 4.9.3 - Admin+ Command Injection — Newsletters 7.2 -2024-01-16
CVE-2023-4757 Staff / Employee Business Directory for Active Directory < 1.2.3 - Improper escaping of LDAP entries — Staff / Employee Business Directory for Active Directory 5.4 -2024-01-16
CVE-2023-4536 My Account Page Editor < 1.3.2 - Subscriber+ Arbitrary File Upload — My Account Page Editor 8.8 -2024-01-16
CVE-2023-0824 UserPlus <= 2.0 - Stored XSS via CSRF — User registration & user profile 6.1AIMediumAI2024-01-16
CVE-2023-0769 hiWeb Migration Simple <= 2.0.0.1 Reflected Cross-Site Scripting — hiWeb Migration Simple 6.1AIMediumAI2024-01-16
CVE-2023-1405 Formidable Forms < 6.2 - Unauthenticated PHP Object Injection — Formidable Forms 9.8 -2024-01-16
CVE-2023-0389 Calculated Fields Form < 1.1.151 - Admin+ Stored Cross-Site Scripting via Dropdown Fields — Calculated Fields Form 4.8AIMediumAI2024-01-16
CVE-2023-0376 Qubely < 1.8.5 - Contributor+ Stored XSS — Qubely 5.4AIMediumAI2024-01-16
CVE-2023-0094 UpQode Google Maps <= 1.0.5 - Contributor+ Stored XSS — UpQode Google Maps 5.4AIMediumAI2024-01-16
CVE-2023-2252 Directorist < 7.5.4 - Admin+ LFI — Directorist 8.1 -2024-01-16
CVE-2023-3372 Lana Shortcodes < 1.2.0 - Contributor+ Stored XSS — Lana Shortcodes 5.4 -2024-01-16
CVE-2023-3178 POST SMTP Mailer < 2.5.7 - Arbitrary Log Deletion via CSRF — POST SMTP Mailer 4.3 -2024-01-16
CVE-2023-2655 Contact Form by WD <= 1.13.23 - Admin+ SQLi — Contact Form by WD 7.2 -2024-01-16
CVE-2023-0479 Print Invoice & Delivery Notes for WooCommerce < 4.7.2 - Reflected XSS — Print Invoice & Delivery Notes for WooCommerce 5.4 -2024-01-16
CVE-2023-0079 Customer Reviews for WooCommerce < 5.17.0 - Contributor+ Stored XSS — Customer Reviews for WooCommerce 5.4AIMediumAI2024-01-16
CVE-2023-0224 GiveWP < 2.24.1 - Unauthenticated SQLi — GiveWP 9.8AICriticalAI2024-01-16
CVE-2023-5558 LearnPress < 4.2.5.5 - Reflected Cross-Site Scripting — LearnPress 6.1 -2024-01-16
CVE-2023-6046 EventON < 2.2 - Admin+ Stored HTML Injection — EventON 4.8 -2024-01-16
CVE-2023-3771 T1 theme <= 19.0 - Open Redirect — t1 6.1 -2024-01-16
CVE-2023-3211 WordPress Database Administrator <= 1.0.3 - Unauthenticated SQL Injection — WordPress Database Administrator 9.8 -2024-01-16
CVE-2023-3647 IURNY by INDIGITALL < 3.2.3 - Admin+ Stored XSS — IURNY by INDIGITALL 4.8 -2024-01-16
CVE-2022-3194 Dokan < 3.6.4 - Vendor Stored Cross-Site Scripting — Dokan 5.4 -2024-01-16
CVE-2022-3829 Font Awesome 4 Menus <= 4.7.0 - Admin+ Stored XSS — Font Awesome 4 Menus 4.8 -2024-01-16
CVE-2022-3739 WP Best Quiz <= 1.0 - Author+ Stored XSS — WP Best Quiz 5.4 -2024-01-16
CVE-2022-3604 Contact Form Entries < 1.3.0 - CSV Injection — Contact Form Entries 9.8 -2024-01-16
CVE-2022-1618 Coru LFMember <= 1.0.2 - Stored Cross-Site Scripting via CSRF — Coru LFMember 4.3 -2024-01-16
CVE-2022-1617 WP-Invoice <= 4.3.1 - Stored Cross-Site Scripting via CSRF — WP-Invoice 6.1 -2024-01-16
CVE-2022-0775 WooCommerce < 6.2.1 - Subscriber+ Arbitrary Comment Deletion — WooCommerce 4.3 -2024-01-16

This page lists every published CVE security advisory associated with unknown. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.