unknown — Vulnerabilities & Security Advisories 4138

Browse all 4138 CVE security advisories affecting unknown. AI-powered Chinese analysis, POCs, and references for each vulnerability.

CVE ID	Title	CVSS	Severity	Published
CVE-2021-4227	Ark Comment Editor <= 2.15.6 - Iframe Injection via Comment — ark-commenteditor	4.1	-	2024-01-16
CVE-2022-1609	The School Management < 9.9.7 - Unauthenticated RCE via REST api — school-management-pro	9.8	-	2024-01-16
CVE-2022-1760	Core Control <= 1.2.1 - Arbitrary Settings Update via CSRF — Core Control	4.3	-	2024-01-16
CVE-2022-23179	Contact Form & Lead Form Elementor Builder < 1.7.0 - Multiple Admin+ Stored Cross-Site Scripting — Contact Form & Lead Form Elementor Builder	4.8	-	2024-01-16
CVE-2022-23180	Contact Form & Lead Form Elementor Builder Plugin < 1.7.4 - Multiple Subscriber+ Settings Update — Contact Form & Lead Form Elementor Builder	4.3	-	2024-01-16
CVE-2022-0402	Superforms < 6.0.4 - Reflected Cross-Site Scripting — Super Forms - Drag & Drop Form Builder	6.1	-	2024-01-16
CVE-2022-3899	3DPrint < 3.5.6.9 - Arbitrary File and Directory Deletion via CSRF — 3dprint	8.1	-	2024-01-16
CVE-2022-3836	Seed Social < 2.0.4 - Admin+ Stored XSS — Seed Social	4.8	-	2024-01-16
CVE-2022-3764	Form Vibes < 1.4.5 - Admin+ SQLi — Form Vibes	9.8	-	2024-01-16
CVE-2022-1538	Theme-Demo-Importer < 1.1.1 - Admin+ Arbitrary File Upload — Theme Demo Import	7.2	-	2024-01-16
CVE-2022-1563	WPGraphQL WooCommerce <= 0.11.0 - Unauthenticated Coupon Codes Disclosure — wp-graphql-woocommerce	5.3	-	2024-01-16
CVE-2022-2413	Slide Anything < 2.3.47 - Author+ Cross Site Scripting in slide title — Slide Anything	5.4	-	2024-01-16
CVE-2021-24869	WP Fastest Cache < 0.9.5 - Subscriber+ SQL Injection — WP Fastest Cache	8.8	-	2024-01-16
CVE-2021-24870	WP Fastest Cache < 0.9.5 - CSRF to Stored Cross-Site Scripting — WP Fastest Cache	6.1	-	2024-01-16
CVE-2021-24433	Simple Sort&Search <= 0.0.3 - Ccontributor+ Stored XSS — simple sort&search	5.4	-	2024-01-16
CVE-2021-24432	Advanced AJAX Product Filters < 1.5.4.7 - Unauthenticated Reflected Cross-Site Scripting (XSS) — Advanced AJAX Product Filters	6.1	-	2024-01-16
CVE-2021-25117	WP Postratings < 1.86.1 - Admin+ Stored Cross-Site Scripting — WP-PostRatings	8.8	-	2024-01-16
CVE-2021-24151	WP Editor < 1.2.7 - Authenticated SQL injection — WP Editor	7.2	-	2024-01-16
CVE-2021-24559	Qyrr < 0.7 - Authenticated (contributor+) Stored XSS — Qyrr	5.4	-	2024-01-16
CVE-2021-24566	WooCommerce Currency Switcher < 1.3.7 - Authenticated (Low Privilege) Local File Inclusion — FOX	7.5	-	2024-01-16
CVE-2021-24567	Simple Post <= 1.1 - Authenticated Stored Cross-Site Scripting (XSS) — Simple Post	5.4	-	2024-01-16
CVE-2023-4925	Easy Forms for Mailchimp <= 6.8.10 - Admin+ Stored Cross-Site Scripting — Easy Forms for Mailchimp	4.8	-	2024-01-15
CVE-2023-5905	DeMomentSomTres WordPress Export Posts With Images <= 20220825 - Subscriber+ unauthorized data export — DeMomentSomTres WordPress Export Posts With Images	6.5	-	2024-01-15
CVE-2023-6066	WP Custom Widget Area <= 1.2.5 - Subscriber+ Menus Creation/Deletion/Update — WP Custom Widget area	4.3	-	2024-01-15
CVE-2023-6050	Estatik Real Estate Plugin < 4.1.1 - Reflected XSS — Estatik Real Estate Plugin	6.1	-	2024-01-15
CVE-2023-6991	JSM file_get_contents() Shortcode < 2.7.1 - Contributor+ SSRF — JSM file_get_contents() Shortcode	8.1	-	2024-01-15
CVE-2023-6048	Estatik Real Estate Plugin < 4.1.1 - Subscriber+ Arbitrary Option Update — Estatik Real Estate Plugin	6.5	-	2024-01-15
CVE-2023-6620	Post SMTP < 2.8.7 - Admin+ SQL Injection — POST SMTP Mailer	7.2	-	2024-01-15
CVE-2023-6163	WP Crowdfunding < 2.1.10 - Admin+ Stored XSS — WP Crowdfunding	4.8	-	2024-01-15
CVE-2023-6843	easy.jobs < 2.4.7 - Subscriber+ Arbitrary Settings Update — easy.jobs- Best Recruitment Plugin for Job Board Listing, Manager, Career Page for Elementor & Gutenberg	4.3	-	2024-01-15

This page lists every published CVE security advisory associated with unknown. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.

Goal Reached Thanks to every supporter — we hit 100%!

unknown — Vulnerabilities & Security Advisories 4138