Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

unknown — Vulnerabilities & Security Advisories 4139

Browse all 4139 CVE security advisories affecting unknown. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by unknown:Contest GalleryDownload ManagerTutor LMS – eLearning and online course solutionEventONModern Events Calendar Litewp-eMemberAI ChatBotElementor Website BuilderNinja Forms Contact Form – The Drag and Drop Form Builder for WordPressWelcart e-CommerceLogo SliderForm Maker by 10WebBooster for WooCommerceYi Technologywp-cart-for-digital-productswp-affiliate-platformPhoto Gallery by 10WebMapPress Maps for WordPressEventPrimePopup boxWPQA BuilderWP MultiTaskingPhoto Gallery by 10Web – Mobile-Friendly Image GallerySalon booking systemSimple Download MonitorAutoptimizeVikBooking Hotel Booking Engine & PMSLearnPressNewsletter PopupNinja Forms
CVE IDTitleCVSSSeverityPublished
CVE-2022-4097 All In One WP Security & Firewall < 5.0.8 - IP Spoofing — All-In-One Security (AIOS) 4.3 -2022-12-12
CVE-2022-3882 WP Memory < 2.46 - Subscriber+ Arbitrary Plugin Installation — Memory Usage, Memory Limit, PHP and Server Memory Health Check and Fix Plugin 6.5 -2022-12-12
CVE-2022-3908 Helloprint < 1.4.7 - Reflected Cross-Site Scripting — Plug your WooCommerce into the largest catalog of customized print products from Helloprint 6.1 -2022-12-12
CVE-2022-3359 Shortcodes and extra features for Phlox theme < 2.10.7 - PHP Objection Injection — Shortcodes and extra features for Phlox theme 8.8 -2022-12-12
CVE-2022-3846 Workreap - Freelance Marketplace and Directory < 2.6.3 - Subscriber+ Private Message Disclosure via IDOR — Workreap 5.3 -2022-12-05
CVE-2022-3858 Chaty < 3.0.3 - Admin+ SQLi — Floating Chat Widget: Contact Chat Icons, Telegram Chat, Line, WeChat, Email, SMS, Call Button 8.8 -2022-12-05
CVE-2022-3907 Clerk < 4.0.0 - Authentication Bypass and API Keys Disclosure — Clerk 7.5 -2022-12-05
CVE-2022-3838 WPUpper Share Buttons <= 3.42 - Admin+ Stored XSS — WPUpper Share Buttons 4.8 -2022-12-05
CVE-2022-1540 PostmagThemes Demo <= 1.0.7 - Admin+ Arbitrary File Upload — PostmagThemes Demo Import 7.2 -2022-12-05
CVE-2022-3249 WP CSV Exporter < 1.3.7 - Admin+ SQLi — WP CSV Exporter 7.2 -2022-12-05
CVE-2022-3926 WP OAuth Server < 3.4.2 - Client Secret Regeneration via CSRF — WP OAuth Server (OAuth Authentication) 6.5 -2022-12-05
CVE-2022-3426 Advanced WP Columns <= 2.0.6 - Admin+ Stored Cross-Site Scripting — Advanced WP Columns 4.8 -2022-12-05
CVE-2022-3830 WP Page Builder <= 1.2.8 - Admin+ Stored Cross-Site — WP Page Builder 4.8 -2022-12-05
CVE-2022-3892 WP OAuth Server < 4.2.2 - Admin+ Stored XSS — WP OAuth Server (OAuth Authentication) 4.8 -2022-12-05
CVE-2022-3677 Advanced Import < 1.3.8 - Arbitrary Plugin Installation & Activation via CSRF — Advanced Import : One Click Import for WordPress or Theme Demo Data 6.5 -2022-12-05
CVE-2022-3837 Uji Countdown < 2.3.1 - Admin+ Stored XSS — Uji Countdown 4.8 -2022-12-05
CVE-2022-3909 Add Comments <= 1.0.1 - Admin+ Stored XSS — Add Comments 4.8 -2022-12-05
CVE-2022-3694 Syncee - Global Dropshipping < 1.0.10 - Authentication Token Disclosure — Syncee 9.1 -2022-12-05
CVE-2022-3856 Comic Book Management System < 2.2.0 - Admin+ SQLi — Comic Book Management System 8.8 -2022-12-05
CVE-2022-3847 Showing URL in QR Code <= 0.0.1 - Stored XSS via CSRF — Showing URL in QR Code 4.7 -2022-11-28
CVE-2022-3865 WP User Merger < 1.5.3 - Admin+ SQLi via ID — WP User Merger 8.8 -2022-11-28
CVE-2022-3823 Beautiful Cookie Consent Banner < 2.9.1 - Admin+ Stored XSS — Beautiful Cookie Consent Banner 4.8 -2022-11-28
CVE-2022-3511 Awesome Support < 6.1.2 - Subscriber+ Arbitrary Exported Tickets Download — Awesome Support 6.5 -2022-11-28
CVE-2022-3839 Analytics for WP <= 1.5.1 - Admin+ Stored XSS — Analytics for WP 4.8 -2022-11-28
CVE-2022-3603 Export customers list CSV for WooCommerce < 2.0.69 - CSV Injection — Export customers list csv for WooCommerce, WordPress users csv, export Guest customer list 9.8 -2022-11-28
CVE-2022-3834 Google Forms <= 0.95 - Admin+ Stored XSS — Google Forms 4.8 -2022-11-28
CVE-2022-3822 Donations via PayPal < 1.9.9 - Admin+ Stored XSS — Donations via PayPal 4.8 -2022-11-28
CVE-2022-3848 WP User Merger < 1.5.3 - Admin+ SQLi via wpsu_user_id — WP User Merger 8.8 -2022-11-28
CVE-2022-3833 Fancier Author Box by ThematoSoup <= 1.4 - Admin+ Stored XSS — Fancier Author Box by ThematoSoup 4.8 -2022-11-28
CVE-2022-3824 WP Admin UI Customize < 1.5.13 - Admin+ Stored XSS — WP Admin UI Customize 4.8 -2022-11-28

This page lists every published CVE security advisory associated with unknown. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.