Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

unknown — Vulnerabilities & Security Advisories 4139

Browse all 4139 CVE security advisories affecting unknown. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by unknown:Contest GalleryDownload ManagerTutor LMS – eLearning and online course solutionEventONModern Events Calendar Litewp-eMemberAI ChatBotElementor Website BuilderNinja Forms Contact Form – The Drag and Drop Form Builder for WordPressWelcart e-CommerceLogo SliderForm Maker by 10WebBooster for WooCommerceYi Technologywp-cart-for-digital-productswp-affiliate-platformPhoto Gallery by 10WebMapPress Maps for WordPressEventPrimePopup boxWPQA BuilderWP MultiTaskingPhoto Gallery by 10Web – Mobile-Friendly Image GallerySalon booking systemSimple Download MonitorAutoptimizeVikBooking Hotel Booking Engine & PMSLearnPressNewsletter PopupNinja Forms
CVE IDTitleCVSSSeverityPublished
CVE-2021-24873 Tutor LMS < 1.9.11 - Reflected Cross-Site Scripting — Tutor LMS – eLearning and online course solutionCWE-79 6.1 -2021-11-23
CVE-2021-24830 Advanced Access Manager < 6.8.0 - Admin+ Stored Cross-Site Scripting — Advanced Access ManagerCWE-79 4.8 -2021-11-23
CVE-2021-24812 BetterLinks < 1.2.6 - Admin+ Stored Cross-Site Scripting — BetterLinks – Shorten, Track and Manage any URLCWE-79 5.4 -2021-11-23
CVE-2021-24729 Logo Showcase with Slick Slider < 1.2.4 - Author+ Stored Cross Site Scripting — Logo Showcase with Slick Slider – Logo Carousel, Logo Slider & Logo GridCWE-79 5.4 -2021-11-23
CVE-2021-24703 Download Plugin < 1.6.1 - Subscriber+ Arbitrary Plugin Activation — Download PluginCWE-732 6.5 -2021-11-23
CVE-2021-24700 Forminator < 1.15.4 - Admin+ Stored Cross-Site Scripting — Forminator – Contact Form, Payment Form & Custom Form BuilderCWE-79 4.8 -2021-11-23
CVE-2021-24668 MAZ Loader < 1.4.1 - Arbitrary Loader Deletion via CSRF — MAZ Loader – Preloader Builder for WordPressCWE-352 6.5 -2021-11-23
CVE-2021-24644 Images to WebP < 1.9 - Authenticated Local File Inclusion — Images to WebPCWE-22 7.5 -2021-11-23
CVE-2021-24641 Images to WebP < 1.9 - Multiple Cross Site Request Forgery (CSRF) — Images to WebPCWE-352 8.1 -2021-11-23
CVE-2021-24856 Shared Files < 1.6.61 - Admin+ Stored Cross-Site Scripting — Shared Files – Easy Download Manager and File Sharing Plugin with Frontend File UploadCWE-79 4.8 -2021-11-17
CVE-2021-24854 QR Redirector < 1.6.1 - Contributor+ Stored Cross-Site Scripting — QR RedirectorCWE-79 5.4 -2021-11-17
CVE-2021-24853 QR Redirector < 1.6 - Subscriber+ Arbitrary QR Redirect Response Status Update — QR RedirectorCWE-284 3.5 -2021-11-17
CVE-2021-24852 MouseWheel Smooth Scroll < 5.7 - Plugin's Setting Update via CSRF — MouseWheel Smooth ScrollCWE-352 6.5 -2021-11-17
CVE-2021-24851 Insert Pages < 3.7.0 - Contributor+ Arbitrary Posts/Pages Access — Insert PagesCWE-863 4.3 -2021-11-17
CVE-2021-24850 Insert Pages < 3.7.0 - Contributor+ Stored Cross-Site Scripting — Insert PagesCWE-79 5.4 -2021-11-17
CVE-2021-24847 SEO Redirection < 8.2 - Subscriber+ SQL Injection — SEO Redirection Plugin – 301 Redirect ManagerCWE-89 8.8 -2021-11-17
CVE-2021-24841 Helpful < 4.4.59 - Admin+ Stored Cross-Site Scripting — HelpfulCWE-79 4.8 -2021-11-17
CVE-2021-24834 YOP Poll < 6.3.1 - Author+ Stored Cross-Site Scripting via Options Module — YOP PollCWE-79 5.4 -2021-11-17
CVE-2021-24833 YOP Poll < 6.3.1 - Author+ Stored Cross-Site Scripting via Preview Module — YOP PollCWE-79 5.4 -2021-11-17
CVE-2021-24815 Paypal Donation < 1.3.2 - Admin+ Stored Cross-Site Scripting — Accept Donations with PayPalCWE-79 4.8 -2021-11-17
CVE-2021-24804 Simple JWT Login < 3.2.1 - Arbitrary Settings Update to Site Takeover via CSRF — Simple JWT Login – Login and Register to WordPress using JWTCWE-352 8.8 -2021-11-17
CVE-2021-24802 Colorful Categories < 2.0.15 - Arbitrary Colors Update via CSRF — Colorful CategoriesCWE-352 4.3 -2021-11-17
CVE-2021-24796 My Tickets < 1.8.31 - Unauthenticated Stored Cross-Site Scripting — My TicketsCWE-79 6.1 -2021-11-17
CVE-2021-24787 Client Invoicing by Sprout Invoices < 19.9.7 - Admin+ Stored Cross-Site Scripting — Client Invoicing by Sprout Invoices – Easy Estimates and Invoices for WordPressCWE-79 4.8 -2021-11-17
CVE-2021-24776 WP Performance Score Booster < 2.1 - Settings Change via CSRF — WP Performance Score Booster – Optimize Speed, Enable Cache & Page PreloadCWE-352 4.3 -2021-11-17
CVE-2021-24772 Stream < 3.8.2 - Admin+ SQL Injection — StreamCWE-89 8.8 -2021-11-17
CVE-2021-24758 Email Log < 2.4.7 - Admin+ SQL Injection — Email LogCWE-89 8.8 -2021-11-17
CVE-2021-24598 Testimonial Builder < 1.6.0 - Admin+ Stored Cross-Site Scripting — TestimonialCWE-79 4.8 -2021-11-17
CVE-2021-24840 Squaretype Modern Blog < 3.0.4 - Unauthenticated Private/Schedule Posts Disclosure — SquaretypeCWE-639 5.3 -2021-11-08
CVE-2021-24844 Affiliate Manager < 2.8.7 - Admin+ SQL injection — Affiliates ManagerCWE-89 7.2 -2021-11-08

This page lists every published CVE security advisory associated with unknown. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.