Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

unknown — Vulnerabilities & Security Advisories 4139

Browse all 4139 CVE security advisories affecting unknown. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by unknown:Contest GalleryDownload ManagerTutor LMS – eLearning and online course solutionEventONModern Events Calendar Litewp-eMemberAI ChatBotElementor Website BuilderNinja Forms Contact Form – The Drag and Drop Form Builder for WordPressWelcart e-CommerceLogo SliderForm Maker by 10WebBooster for WooCommerceYi Technologywp-cart-for-digital-productswp-affiliate-platformPhoto Gallery by 10WebMapPress Maps for WordPressEventPrimePopup boxWPQA BuilderWP MultiTaskingPhoto Gallery by 10Web – Mobile-Friendly Image GallerySalon booking systemSimple Download MonitorAutoptimizeVikBooking Hotel Booking Engine & PMSLearnPressNewsletter PopupNinja Forms
CVE IDTitleCVSSSeverityPublished
CVE-2022-2261 WPide < 3.0 - Admin+ Local File Inclusion — WPIDE – File Manager & Code EditorCWE-22 7.2 -2022-08-29
CVE-2022-2267 MailChimp for Woocommerce < 2.7.1 - Subscriber+ SSRF — Mailchimp for WooCommerceCWE-918 4.3 -2022-08-29
CVE-2022-2373 Simply Schedule Appointments < 1.5.7.7 - Unauthenticated Email Address Disclosure — Simply Schedule Appointments – WordPress Booking PluginCWE-862 5.3 -2022-08-29
CVE-2022-2080 Sensei LMS < 4.5.2 - Arbitrary Private Message Sending via IDOR — Sensei LMS – Online Courses, Quizzes, & LearningCWE-639 5.4 -2022-08-29
CVE-2022-2034 Sensei LMS < 4.5.0 - Unauthenticated Private Messages Disclosure via Rest API — Sensei LMS 5.3 -2022-08-29
CVE-2022-1663 Stop Spam Comments <= 0.2.1.2 - Access Token Bypass — Stop Spam CommentsCWE-200 6.5 -2022-08-29
CVE-2022-1123 Leaflet Maps Marker < 3.12.5 - Admin+ SQLi — Leaflet Maps Marker (Google Maps, OpenStreetMap, Bing Maps)CWE-89 7.2 -2022-08-29
CVE-2022-2600 Auto-hyperlink URLs <= 5.4.1 - Tab Nabbing — Auto-hyperlink URLsCWE-1022 5.4 -2022-08-22
CVE-2022-2593 Better Search and Replace < 1.4.1 - Admin+ SQLi — Better Search ReplaceCWE-89 7.2 -2022-08-22
CVE-2022-2558 Simple Job Board < 2.10.0 - Resume Disclosure via Directory Listing — Simple Job BoardCWE-200 5.3 -2022-08-22
CVE-2022-2557 WordPress Team Members Showcase < 4.1.2 - Subscriber+ Arbitrary File Read and Deletion — Team – WordPress Team Members Showcase PluginCWE-22 8.8 -2022-08-22
CVE-2022-2555 Yotpo Reviews for WooCommerce <= 2.0.4 - Arbitrary Settings Update via CSRF — Yotpo Reviews for WooCommerce (Unofficial)CWE-352 6.5 -2022-08-22
CVE-2022-2552 Duplicator < 1.4.7.1 - Unauthenticated System Information Disclosure — Duplicator 5.3 -2022-08-22
CVE-2022-2551 Duplicator < 1.4.7 - Unauthenticated Backup Download — Duplicator – WordPress Migration PluginCWE-425 7.5 -2022-08-22
CVE-2022-2544 Ninja Job Board < 1.3.3 - Resume Disclosure via Directory Listing — Ninja Job Board – Ultimate WordPress Job Board PluginCWE-425 7.5 -2022-08-22
CVE-2022-2532 Feed Them Social < 3.0.1 - Reflected Cross-Site Scripting — Feed Them Social – for Twitter feed, Youtube and moreCWE-79 6.1 -2022-08-22
CVE-2022-2407 WP phpMyAdmin < 5.2.0.4 - Admin+ Stored Cross-Site Scripting — WP phpMyAdminCWE-79 4.8 -2022-08-22
CVE-2022-2392 Lana Downloads Manager < 1.8.0 - Contributor+ Arbitrary File Download — Lana Downloads ManagerCWE-552 6.5 -2022-08-22
CVE-2022-2389 Automations By Autonami < 2.1.2 - Subscriber+ Automation Creation — Abandoned Cart Recovery for WooCommerce, Follow Up Emails, Newsletter Builder & Marketing Automation By AutonamiCWE-862 4.3 -2022-08-22
CVE-2022-2388 WP Coder < 2.5.3 - Code Deletion via CSRF — WP Coder – add custom html, css and js codeCWE-352 6.5 -2022-08-22
CVE-2022-2383 Feed Them Social < 3.0.1 - Reflected Cross-Site Scripting — Feed Them Social – for Twitter feed, Youtube and moreCWE-79 6.1 -2022-08-22
CVE-2022-2382 Product Slider for WooCommerce < 2.5.7 - Subscriber+ Arbitrary Options Deletion — Product Slider for WooCommerceCWE-862 4.3 -2022-08-22
CVE-2022-2377 Directorist < 7.3.0 - Subscriber+ Arbitrary E-mail Sending — Directorist – WordPress Business Directory Plugin with Classified Ads ListingsCWE-862 4.3 -2022-08-22
CVE-2022-2375 WP Sticky Button < 1.4.1 - Unauthenticated Arbitrary Settings Update to Stored XSS — WP Sticky Button – Click to ChatCWE-79 6.1 -2022-08-22
CVE-2022-2362 Download Manager < 3.2.50 - Bypass IP Address Blocking Restriction — Download ManagerCWE-79 9.1 -2022-08-22
CVE-2022-2361 Social Chat < 6.0.5 - Admin+ Stored Cross-Site Scripting — WP Social Chat – Click To Chat AppCWE-79 4.8 -2022-08-22
CVE-2022-2312 Student Result or Employee Database < 1.7.5 - Stored Cross Site Scripting via CSRF — Student Result or Employee DatabaseCWE-639 5.4 -2022-08-22
CVE-2022-2276 WP Edit Menu < 1.5.0 - Unauthenticated Arbitrary Post Deletion — WP Edit MenuCWE-862 4.3 -2022-08-22
CVE-2022-2275 WP Edit Menu <= 1.5.0 - Arbitrary Post Deletion via CSRF — WP Edit MenuCWE-352 4.3 -2022-08-22
CVE-2022-2198 WPQA < 5.7 - Subscriber+ Private Message Disclosure via IDOR — WPQA BuilderCWE-639 4.3 -2022-08-22

This page lists every published CVE security advisory associated with unknown. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.