Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

unknown — Vulnerabilities & Security Advisories 4138

Browse all 4138 CVE security advisories affecting unknown. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by unknown:Contest GalleryDownload ManagerTutor LMS – eLearning and online course solutionEventONModern Events Calendar Litewp-eMemberAI ChatBotElementor Website BuilderNinja Forms Contact Form – The Drag and Drop Form Builder for WordPressWelcart e-CommerceLogo SliderForm Maker by 10WebBooster for WooCommerceYi Technologywp-cart-for-digital-productswp-affiliate-platformPhoto Gallery by 10WebMapPress Maps for WordPressEventPrimePopup boxWPQA BuilderWP MultiTaskingPhoto Gallery by 10Web – Mobile-Friendly Image GallerySalon booking systemSimple Download MonitorAutoptimizeVikBooking Hotel Booking Engine & PMSLearnPressNewsletter PopupNinja Forms
CVE IDTitleCVSSSeverityPublished
CVE-2021-24479 DrawBlog <= 0.90 - Authenticated Stored Cross-Site Scripting (XSS) — DrawBlogCWE-79 4.8 -2021-08-02
CVE-2021-24478 Bookshelf <= 2.0.4 - Authenticated Stored Cross-Site Scripting (XSS) — BookshelfCWE-79 5.4 -2021-08-02
CVE-2021-24477 Migrate Users <= 1.0.1 - CSRF to Stored Cross-Site Scripting (XSS) — Migrate UsersCWE-79 6.1 -2021-08-02
CVE-2021-24476 Steam Group Viewer <= 2.1 - Authenticated Stored Cross-Site Scripting (XSS) — Steam Group ViewerCWE-79 5.4 -2021-08-02
CVE-2021-24474 Awesome Weather Widget <= 3.0.2 - Reflected Cross-site Scripting (XSS) — Awesome Weather WidgetCWE-79 6.1 -2021-08-02
CVE-2021-24473 User Profile Picture < 2.6.0 - Arbitrary User Picture Change/Deletion via IDOR — User Profile PictureCWE-639 5.4 -2021-08-02
CVE-2021-24470 Yada Wiki < 3.4.1 - Contributor+ Stored XSS — Yada WikiCWE-79 5.4 -2021-08-02
CVE-2021-24468 Leaflet Map < 3.0.0 - Contributor+ Stored XSS — Leaflet MapCWE-79 5.4 -2021-08-02
CVE-2021-24464 YouTube Embed, Playlist and Popup < 2.3.9 - Contributor+ Stored XSS — YouTube Embed, Playlist and Popup by WpDevArtCWE-79 5.4 -2021-08-02
CVE-2021-24455 Tutor LMS < 1.9.2 - Authenticated Stored Cross-Site Scripting (XSS) — Tutor LMS – eLearning and online course solutionCWE-79 5.4 -2021-08-02
CVE-2021-24450 ProfilePress < 3.1.8 - Authenticated Stored XSS — User Registration, User Profiles, Login & Membership – ProfilePress (Formerly WP User Avatar)CWE-79 4.8 -2021-08-02
CVE-2021-24448 Profile Builder < 3.4.8 - Authenticated Stored XSS — User Registration & User Profile – Profile BuilderCWE-79 4.8 -2021-08-02
CVE-2021-24443 Youzify < 1.0.7 - Stored Cross-Site Scripting via Biography — Youzify – BuddyPress Community, User Profile, Social Network & Membership Plugin for WordPressCWE-79 5.4 -2021-08-02
CVE-2021-24430 Speed Booster Pack 4.2.0-beta - Authenticated (admin+) RCE — Speed Booster Pack ⚡ PageSpeed Optimization SuiteCWE-94 8.8 -2021-08-02
CVE-2021-24428 RSS for Yandex Turbo <= 1.30 - Authenticated Stored XSS — RSS for Yandex TurboCWE-79 4.8 -2021-08-02
CVE-2021-24425 myStickymenu < 2.5.2 - Authenticated Stored XSS — Floating Notification Bar, Sticky Menu on Scroll, and Sticky Header for Any Theme – myStickymenuCWE-79 4.8 -2021-08-02
CVE-2021-24371 RSVPMaker < 8.7.3 - Authenticated (admin+) SSRF — RSVPMakerCWE-918 2.7 -2021-08-02
CVE-2021-24444 TaxoPress < 3.0.7.2 - Authenticated Stored Cross-Site Scripting (XSS) — TaxoPress – Create and Manage Taxonomies, Tags, CategoriesCWE-79 4.8 -2021-08-02
CVE-2021-24482 Related Posts for WordPress <= 2.0.4 - Authenticated Stored XSS & XFS — Related Posts for WordPressCWE-79 4.8 -2021-07-19
CVE-2021-24453 Include Me <= 1.2.1 - Authenticated Remote Code Execution (RCE) via LFI log poisoning — Include MeCWE-22 8.8 -2021-07-19
CVE-2021-24447 WP Image Zoom < 1.47 - Local File Inclusion — WP Image ZoomCWE-22 6.5 -2021-07-19
CVE-2021-24454 YOP Poll < 6.2.8 - Stored Cross-Site Scripting — YOP PollCWE-79 6.1 -2021-07-12
CVE-2021-24441 Sign-up Sheets < 1.0.14 - Authenticated CSV Injection — Sign-up SheetsCWE-1236 8.0 -2021-07-12
CVE-2021-24440 Sign-up Sheets < 1.0.14 - Authenticated Stored Cross-Site Scripting (XSS) — Sign-up SheetsCWE-79 4.8 -2021-07-12
CVE-2021-24439 Browser Screenshots < 1.7.6 - Contributor+ Stored XSS — Browser ScreenshotsCWE-79 5.4 -2021-07-12
CVE-2021-24434 Glass <= 1.3.2 - CSRF to Stored Cross-Site Scripting (XSS) — GlassCWE-79 6.1 -2021-07-12
CVE-2021-24426 Backup by 10Web <= 1.0.20 - Reflected Cross-Site Scripting (XSS) — Backup by 10Web – Backup and Restore PluginCWE-79 4.8 -2021-07-12
CVE-2021-24424 WP Reset < 1.90 - Authenticated Stored XSS — WP Reset – Most Advanced WordPress Reset ToolCWE-79 4.8 -2021-07-12
CVE-2021-24421 WP JobSearch < 1.7.4 - Authenticated Stored XSS — WP JobSearchCWE-79 5.4 -2021-07-12
CVE-2021-24420 Request a Quote < 2.3.4 - Authenticated Stored XSS — Request a QuoteCWE-79 5.4 -2021-07-12

This page lists every published CVE security advisory associated with unknown. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.