Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

unknown — Vulnerabilities & Security Advisories 4139

Browse all 4139 CVE security advisories affecting unknown. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by unknown:Contest GalleryDownload ManagerTutor LMS – eLearning and online course solutionEventONModern Events Calendar Litewp-eMemberAI ChatBotElementor Website BuilderNinja Forms Contact Form – The Drag and Drop Form Builder for WordPressWelcart e-CommerceLogo SliderForm Maker by 10WebBooster for WooCommerceYi Technologywp-cart-for-digital-productswp-affiliate-platformPhoto Gallery by 10WebMapPress Maps for WordPressEventPrimePopup boxWPQA BuilderWP MultiTaskingPhoto Gallery by 10Web – Mobile-Friendly Image GallerySalon booking systemSimple Download MonitorAutoptimizeVikBooking Hotel Booking Engine & PMSLearnPressNewsletter PopupNinja Forms
CVE IDTitleCVSSSeverityPublished
CVE-2023-5140 Bonus for Woo < 5.8.3 - Reflected Cross-Site Scripting — Bonus for Woo 6.1AIMediumAI2023-11-20
CVE-2023-4970 PubyDoc <= 2.0.6 - Admin+ Stored XSS — PubyDoc 4.8AIMediumAI2023-11-20
CVE-2023-5340 Five Star Restaurant Menu and Food Ordering < 2.4.11 - Unauthenticated PHP Object Injection — Five Star Restaurant Menu and Food Ordering 9.8AICriticalAI2023-11-20
CVE-2023-5605 URL Shortify < 1.7.9.1 - Admin+ Stored XSS — URL Shortify 4.8 -2023-11-06
CVE-2023-5355 Awesome Support < 6.1.5 - Submitter+ Arbitrary File Deletion — Awesome Support 8.1 -2023-11-06
CVE-2023-5601 WooCommerce Ninja Forms Product Add-ons < 1.7.1 - Unauthenticated Arbitrary File Upload — WooCommerce Ninja Forms Product Add-ons 9.8 -2023-11-06
CVE-2023-5530 Ninja Forms < 3.6.34 - Admin+ Stored XSS — Ninja Forms Contact Form 4.8 -2023-11-06
CVE-2023-5181 WP Discord Invite < 2.5.2 - Admin+ Stored Cross Site Scripting — WP Discord Invite 4.8 -2023-11-06
CVE-2023-4858 WP Simple Table Manager Plugin <= 1.5.6 - Admin+ Stored Cross-Site Scripting — Simple Table Manager 4.8 -2023-11-06
CVE-2023-4810 Responsive Pricing Table < 5.1.8 - Admin+ Stored Cross-Site Scriping — Responsive Pricing Table 4.8 -2023-11-06
CVE-2023-4930 Front End PM < 11.4.3 - Sensitive Data Exposure via Directory Listing — Front End PM 7.5 -2023-11-06
CVE-2023-5352 Awesome Support < 6.1.5 - Insufficient permission check in wpas_edit_reply — Awesome Support 4.3 -2023-11-06
CVE-2023-5228 User Registration < 3.0.4.2 - Admin+ Stored XSS — User Registration 4.8 -2023-11-06
CVE-2023-5082 History Log by click5 < 1.0.13 - Admin+ Time-Based Blind SQL Injection — History Log by click5 7.2 -2023-11-06
CVE-2023-5354 Awesome Support < 6.1.5 - Reflected Cross-Site Scripting — Awesome Support 6.1 -2023-11-06
CVE-2023-5454 Templately < 2.2.6 - Arbitrary post trashing via Missing Authorization — Templately 7.5 -2023-11-06
CVE-2023-4250 EventPrime < 3.2.0 - Reflected XSS — EventPrime 6.1 -2023-10-31
CVE-2023-5211 Fattura24 < 6.2.8 - Reflected Cross-Site Scripting — Fattura24 6.1 -2023-10-31
CVE-2023-4251 EventPrime < 3.2.0 - Booking Creation via CSRF — EventPrime 4.3 -2023-10-31
CVE-2023-4836 WordPress File Sharing Plugin < 2.0.5 - Subscriber+ Sensitive Data and Files Exposure via IDOR — WordPress File Sharing Plugin 5.3 -2023-10-31
CVE-2023-5237 Memberlite Shortcodes < 1.3.9 - Contributor+ Stored XSS via Shortcode — Memberlite Shortcodes 5.4 -2023-10-31
CVE-2023-4390 Popup box < 3.7.2 - Admin+ Stored Cross-Site Scripting — Popup box 4.8 -2023-10-31
CVE-2023-5519 EventPrime < 3.2.0 - Booking Creation via CSRF — EventPrime 4.3 -2023-10-31
CVE-2023-5098 Campaign Monitor Forms < 2.5.6 - Subscriber+ Arbitrary Options Update — Campaign Monitor Forms by Optin Cat 7.1 -2023-10-31
CVE-2023-5238 EventPrime < 3.2.0 - Reflected HTML Injection on keyword parameter — EventPrime 6.1 -2023-10-31
CVE-2023-5307 Photos and Files Contest Gallery – Contact Form < 21.2.8.1 - Unauthenticated Stored XSS via HTTP Headers — Photos and Files Contest Gallery 6.1 -2023-10-31
CVE-2023-5243 Login screen manager <= 3.5.2 - Admin+ Stored XSS — Login Screen Manager 4.8 -2023-10-31
CVE-2023-4823 WP Meta and Date Remover < 2.2.0 - Subscriber+ Stored XSS — WP Meta and Date Remover 5.4 -2023-10-31
CVE-2023-5229 E2Pdf < 1.20.20 - Admin+ Stored Cross-Site Scriping — E2Pdf 4.8 -2023-10-31
CVE-2023-5360 Royal Elementor Addons and Templates < 1.3.79 - Unauthenticated Arbitrary File Upload — Royal Elementor Addons and Templates 9.8 -2023-10-31

This page lists every published CVE security advisory associated with unknown. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.