unknown — Vulnerabilities & Security Advisories 4139

Browse all 4139 CVE security advisories affecting unknown. AI-powered Chinese analysis, POCs, and references for each vulnerability.

CVE ID	Title	CVSS	Severity	Published
CVE-2021-24835	WCFM - Frontend Manager for WooCommerce < 6.5.12 - Customer/Subscriber+ SQL Injection — WCFM – Frontend Manager for WooCommerce along with Bookings Subscription Listings CompatibleCWE-89	8.8	-	2021-11-08
CVE-2021-24832	WP SEO Redirect 301 < 2.3.2 - Redirect Deletion via CSRF — WP SEO Redirect 301CWE-352	6.5	-	2021-11-08
CVE-2021-24829	Visitor Traffic Real Time Statistics < 3.9 - Subscriber+ SQL Injection — Visitor Traffic Real Time StatisticsCWE-89	8.8	-	2021-11-08
CVE-2021-24827	Asgaros Forum < 1.15.13 - Unauthenticated SQL Injection — Asgaros ForumCWE-89	9.8	-	2021-11-08
CVE-2021-24816	Phoenix Media Rename < 3.4.4 - Author Arbitrary Media File Renaming — Phoenix Media RenameCWE-284	4.3	-	2021-11-08
CVE-2021-24807	Support Board < 3.3.5 - Agent+ Stored Cross-Site Scripting — Support BoardCWE-79	5.4	-	2021-11-08
CVE-2021-24806	wpDiscuz < 7.3.4 - Arbitrary Comment Addition/Edition/Deletion via CSRF — Comments – wpDiscuzCWE-352	6.5	-	2021-11-08
CVE-2021-24801	WP Survey Plus <= 1.0 - Subscriber+ AJAX Calls — WP Survey PlusCWE-284	4.6	-	2021-11-08
CVE-2021-24798	WP Header Images < 2.0.1 - Reflected Cross-Site Scripting — WP Header ImagesCWE-79	6.1	-	2021-11-08
CVE-2021-24791	Header Footer Code Manager < 1.1.14 - Admin+ SQL Injections — Header Footer Code ManagerCWE-89	7.2	-	2021-11-08
CVE-2021-24788	Batch Cat <= 0.3 - Subscriber+ Arbitrary Categories Add/Set/Delete to Posts — Batch CatCWE-863	6.5	-	2021-11-08
CVE-2021-24783	Post Expirator < 2.6.0 - Contributor+ Arbitrary Post Schedule Deletion — Post Expirator: Automatically Unpublish WordPress PostsCWE-863	6.5	-	2021-11-08
CVE-2021-24767	Redirect 404 Error Page to Homepage or Custom Page with Logs < 1.7.9 - Log Deletion via CSRF — Redirect 404 Error Page to Homepage or Custom Page with LogsCWE-352	6.5	-	2021-11-08
CVE-2021-24766	404 to 301 < 3.0.9 - Logs Deletion via CSRF — 404 to 301 – Redirect, Log and Notify 404 ErrorsCWE-352	4.3	-	2021-11-08
CVE-2021-24731	Pie Register < 3.7.1.6 - Unauthenticated SQL Injection — Registration Forms – User profile, Content Restriction, Spam Protection, Payment Gateways, Invitation CodesCWE-89	9.8	-	2021-11-08
CVE-2021-24721	Loco Translate < 2.5.4 - Authenticated PHP Code Injection — Loco TranslateCWE-94	6.5	-	2021-11-08
CVE-2021-24710	Print-O-Matic < 2.0.3 - Admin+ Stored Cross-Site Scripting — Print-O-MaticCWE-79	4.8	-	2021-11-08
CVE-2021-24708	WP All Export < 1.3.1 - Admin+ Stored Cross-Site Scripting — Export any WordPress data to XML/CSVCWE-79	4.8	-	2021-11-08
CVE-2021-24706	Qwizcards < 3.62 - Admin+ Stored Cross Site Scripting — Qwizcards – online quizzes and flashcardsCWE-79	4.8	-	2021-11-08
CVE-2021-24701	Quiz Tool Lite <= 2.3.15 - Multiple Admin+ Stored Cross-Site Scripting — Quiz Tool LiteCWE-79	4.8	-	2021-11-08
CVE-2021-24698	Simple Download Monitor < 3.9.6 - Arbitrary Thumbnails Removal — Simple Download MonitorCWE-284	4.3	-	2021-11-08
CVE-2021-24697	Simple Download Monitor < 3.9.5 - Reflected Cross-Site Scripting — Simple Download MonitorCWE-79	6.1	-	2021-11-08
CVE-2021-24695	Simple Download Monitor < 3.9.6 - Unauthenticated Log Access — Simple Download MonitorCWE-425	5.3	-	2021-11-08
CVE-2021-24693	Simple Download Monitor < 3.9.5 - Contributor+ Stored Cross-Site Scripting via File Thumbnail — Simple Download MonitorCWE-79	7.6	-	2021-11-08
CVE-2021-24674	Genie WP Favicon <= 0.5.2 - Arbitrary Favicon Change via CSRF — Genie WP FaviconCWE-352	6.5	-	2021-11-08
CVE-2021-24669	MAZ Loader < 1.3.3 - Contributor+ SQL Injection — MAZ Loader – Preloader Builder for WordPressCWE-89	8.8	-	2021-11-08
CVE-2021-24664	WPSchoolPress < 2.1.17 - Multiple Admin+ Stored Cross-Site Scripting — School Management System – WPSchoolPressCWE-79	4.8	-	2021-11-08
CVE-2021-24647	Pie Register < 3.7.1.6 - Unauthenticated Arbitrary Login — Registration Forms – User profile, Content Restriction, Spam Protection, Payment Gateways, Invitation CodesCWE-287	8.1	-	2021-11-08
CVE-2021-24646	Booking.com Banner Creator < 1.4.3 - Admin+ Stored Cross-Site Scripting — Booking.com Banner CreatorCWE-79	4.8	-	2021-11-08
CVE-2021-24645	Booking.com Product Helper < 1.0.2 - Admin+ Stored Cross-Site Scripting — Booking.com Product HelperCWE-79	4.8	-	2021-11-08

This page lists every published CVE security advisory associated with unknown. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.

Goal Reached Thanks to every supporter — we hit 100%!

unknown — Vulnerabilities & Security Advisories 4139