Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

unknown — Vulnerabilities & Security Advisories 4138

Browse all 4138 CVE security advisories affecting unknown. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by unknown:Contest GalleryDownload ManagerTutor LMS – eLearning and online course solutionEventONModern Events Calendar Litewp-eMemberAI ChatBotElementor Website BuilderNinja Forms Contact Form – The Drag and Drop Form Builder for WordPressWelcart e-CommerceLogo SliderForm Maker by 10WebBooster for WooCommerceYi Technologywp-cart-for-digital-productswp-affiliate-platformPhoto Gallery by 10WebMapPress Maps for WordPressEventPrimePopup boxWPQA BuilderWP MultiTaskingPhoto Gallery by 10Web – Mobile-Friendly Image GallerySalon booking systemSimple Download MonitorAutoptimizeVikBooking Hotel Booking Engine & PMSLearnPressNewsletter PopupNinja Forms
CVE IDTitleCVSSSeverityPublished
CVE-2021-24512 Video Posts Webcam Recorder < 3.2.4 - Authenticated Reflected XSS — Video Posts Webcam RecorderCWE-79 5.4 -2021-08-16
CVE-2021-24471 YouTube Embed < 5.2.2 - Contributor+ Stored XSS — YouTube EmbedCWE-79 6.1 -2021-08-16
CVE-2021-24466 Verse-O-Matic <= 4.1.1 - CSRF to Stored XSS — Verse-O-MaticCWE-79 4.7 -2021-08-16
CVE-2021-24445 My Site Audit <= 1.2.4 - Authenticated Stored Cross-Site Scripting (XSS) — My Site AuditCWE-79 4.8 -2021-08-16
CVE-2021-24410 Telugu Bible Verse Daily <= 1.0 - CSRF to Stored XSS — తెలుగు బైబిల్ వచనములుCWE-79 6.1 -2021-08-16
CVE-2021-24411 Social Tape <= 1.0 - CSRF to Stored XSS — Social TapeCWE-79 6.1 -2021-08-16
CVE-2021-24380 Shantz WordPress QOTD <= 1.2.2 - Arbitrary Setting Update via CSRF — Shantz WordPress QOTDCWE-352 4.3 -2021-08-16
CVE-2021-24363 Photo Gallery < 1.5.75 - File Upload Path Traversal — Photo Gallery by 10Web – Mobile-Friendly Image GalleryCWE-22 4.9 -2021-08-16
CVE-2021-24362 Photo Gallery < 1.5.75 - Stored Cross-Site Scripting via Uploaded SVG — Photo Gallery by 10Web – Mobile-Friendly Image GalleryCWE-79 6.1 -2021-08-16
CVE-2021-24522 ProfilePress < 3.1.11 - Unauthenticated Cross-Site Scripting (XSS) in tabbed login/register widget — User Registration, User Profile, Login & Membership – ProfilePress (Formerly WP User Avatar)CWE-79 6.1 -2021-08-09
CVE-2021-24520 Stock in & out <= 1.0.4 - Authenticated SQL Injection — Stock in & outCWE-89 8.8 -2021-08-09
CVE-2021-24521 Side Menu Lite < 2.2.1 - Authenticated SQL Injection — Side Menu Lite – add sticky fixed buttonsCWE-89 7.2 -2021-08-09
CVE-2021-24509 Page View Counts < 2.4.9 - Contributor+ Stored XSS — Page View CountCWE-79 5.4 -2021-08-09
CVE-2021-24507 Astra Pro Addon < 3.5.2 - Unauthenticated SQL Injection — Astra Pro AddonCWE-89 9.8 -2021-08-09
CVE-2021-24505 Forms < 1.12.3 - Authenticated Stored Cross-Site Scripting (XSS) — FormsCWE-79 5.4 -2021-08-09
CVE-2021-24502 WP Google Map < 1.7.7 - Authenticated Stored Cross-Site Scripting (XSS) — Maps Plugin using Google Maps for WordPress – WP Google MapCWE-79 4.8 -2021-08-09
CVE-2021-24501 Workreap theme < 2.2.2 - Missing Authorization Checks in Ajax Actions — WorkreapCWE-283 6.5 -2021-08-09
CVE-2021-24500 Workreap theme < 2.2.2 - Multiple CSRF + IDOR Vulnerabilities — WorkreapCWE-283 8.1 -2021-08-09
CVE-2021-24495 Marmoset Viewer < 1.9.3 - Reflected Cross Site Scripting — Marmoset ViewerCWE-79 6.1 -2021-08-09
CVE-2021-24467 Leaflet Map < 3.0.0 - Arbitrary Settings Update via CSRF Leading to Stored XSS — Leaflet MapCWE-352 6.5 -2021-08-09
CVE-2021-24304 Newsmag < 5.0 - Unauthenticated Reflected Cross-site Scripting (XSS) — NewsmagCWE-79 6.1 -2021-08-09
CVE-2021-24499 Workreap theme < 2.2.2 - Unauthenticated Upload Leading to Remote Code Execution — WorkreapCWE-434 9.8 -2021-08-09
CVE-2021-24504 WP LMS <= 1.1.2 - Stored Cross-Site Scripting (XSS) — WP LMS – Best WordPress LMS PluginCWE-79 6.1 -2021-08-02
CVE-2021-24503 Popular Brand SVG Icons - Simple Icons < 2.7.8 - Contributor+ Stored XSS — Popular Brand Icons – Simple IconsCWE-79 5.4 -2021-08-02
CVE-2021-24498 Calendar Event Multi View < 1.4.01 - Unauthenticated Reflected Cross-Site Scripting (XSS) — Calendar Event Multi ViewCWE-79 6.1 -2021-08-02
CVE-2021-24496 Community Event < 1.4.8 - Reflected Cross-Site Scripting (XSS) — Community EventsCWE-79 6.1 -2021-08-02
CVE-2021-24492 Handsome Testimonials & Reviews < 2.1.1 - Authenticated (Subscriber+) SQL Injection — Handsome Testimonials & ReviewsCWE-89 8.8 -2021-08-02
CVE-2021-24488 Post Grid < 2.1.8 - Reflected Cross-Site Scripting (XSS) — Post GridCWE-79 6.1 -2021-08-02
CVE-2021-24481 Any Hostname <= 1.0.6 - Authenticated Stored Cross-Site Scripting (XSS) — Any HostnameCWE-79 4.8 -2021-08-02
CVE-2021-24480 Event Geek <= 2.5.2 - Stored Cross-site Scripting (XSS) — Event GeekCWE-79 4.8 -2021-08-02

This page lists every published CVE security advisory associated with unknown. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.