Support Us — Your donation helps us keep running

Goal: 1000 CNY,Raised: 1000 CNY

100.0%
Donate Now

unknown — Vulnerabilities & Security Advisories 4138

Browse all 4138 CVE security advisories affecting unknown. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top 10 Products unknown:Contest GalleryDownload ManagerTutor LMS – eLearning and online course solutionEventONModern Events Calendar Litewp-eMemberAI ChatBotElementor Website BuilderNinja Forms Contact Form – The Drag and Drop Form Builder for WordPressWelcart e-CommerceLogo SliderForm Maker by 10WebBooster for WooCommerceYi Technologywp-cart-for-digital-productswp-affiliate-platformPhoto Gallery by 10WebMapPress Maps for WordPressEventPrimePopup boxWPQA BuilderWP MultiTaskingPhoto Gallery by 10Web – Mobile-Friendly Image GallerySalon booking systemSimple Download MonitorAutoptimizeVikBooking Hotel Booking Engine & PMSLearnPressNewsletter PopupNinja Forms
CVE IDTitleCVSSSeverityPaused
CVE-2025-9544 Doppler Forms <= 2.5.1 - Subscriber+ Limited Plugin Installation — Doppler Forms 8.8AIHighAI2025-10-29
CVE-2025-11154 IDonate < 2.1.13 - Unauthenticated User Deletion — IDonate 6.5AIMediumAI2025-10-27
CVE-2025-9978 Jeg Elementor Kit < 2.7.0 - Author+ Stored XSS — Jeg Kit for Elementor 6.1 -2025-10-24
CVE-2025-10874 Orbit Fox < 3.0.2 - Author+ Server-Side Request Forgery — Orbit Fox: Duplicate Page, Menu Icons, SVG Support, Cookie Notice, Custom Fonts & More 8.2 -2025-10-24
CVE-2025-10723 PixelYourSite < 11.1.2 - Admin+ LFI — PixelYourSite 4.9 -2025-10-24
CVE-2025-5983 Meta Tag Manager < 3.3 - Contributor+ Open Redirect — Meta Tag Manager 4.3AIMediumAI2025-10-22
CVE-2025-10638 NS Maintenance Mode for WP <= 1.3.1 - Unauthenticated Subscribers Export — NS Maintenance Mode for WP 5.3AIMediumAI2025-10-22
CVE-2025-10916 FormGent < 1.0.4 - Unauthenticated Arbitrary File Deletion — FormGent 9.1AICriticalAI2025-10-21
CVE-2025-10406 BlindMatrix e-Commerce < 3.1 - Contributor+ LFI — BlindMatrix e-Commerce 6.5AIMediumAI2025-10-15
CVE-2025-8594 Pz-LinkCard < 2.5.7 - Contributor+ SSRF — Pz-LinkCard 8.1AIHighAI2025-10-14
CVE-2025-10357 Simple SEO < 2.0.32 - Contributor+ Stored XSS — Simple SEO 5.4AIMediumAI2025-10-14
CVE-2025-10720 WP Private Content Plus <= 3.6.2 - Password Protection Bypass — WP Private Content Plus 8.2AIHighAI2025-10-13
CVE-2025-9698 The Plus Addons for Elementor < 6.3.16 - Author+ Stored XSS — The Plus Addons for Elementor 5.4AIMediumAI2025-10-13
CVE-2025-10124 Booking Manager < 2.1.15 - Contributor+ Booking Deletion — Booking Manager 4.3AIMediumAI2025-10-10
CVE-2025-10635 Find Me On <= 2.0.9.1 - Subscriber+ SQL Injection — Find Me On 8.8AIHighAI2025-10-08
CVE-2025-10162 OrderConvo < 14 - Unauthenticated Arbitrary File Read — Admin and Customer Messages After Order for WooCommerce: OrderConvo 7.5AIHighAI2025-10-07
CVE-2025-9710 Responsive Lightbox & Gallery < 2.5.3 - Unauthenticated Stored-XSS via Comments — Responsive Lightbox & Gallery 6.1AIMediumAI2025-10-06
CVE-2025-9703 Ultimate Addons for Elementor Lite < 2.5.0 - Author+ Stored XSS — Ultimate Addons for Elementor (Formerly Elementor Header & Footer Builder) 6.1AIMediumAI2025-10-06
CVE-2025-9697 Ajax WooSearch <= 1.0.0 - Unauthenticated SQL Injection — Ajax WooSearch 9.8AICriticalAI2025-10-02
CVE-2025-9587 CTL Behance Importer Lite <= 1.0 - Unauthenticated SQL Injection — CTL Behance Importer Lite 9.8AICriticalAI2025-10-02
CVE-2025-9512 Schema & Structured Data for WP & AMP < 1.50 - Unauthenticated Stored-XSS — Schema & Structured Data for WP & AMP 6.1AIMediumAI2025-10-01
CVE-2024-5200 Postie < 1.9.71 - Admin+ Stored XSS — Postie 4.8AIMediumAI2025-09-29
CVE-2025-8282 SureForms < 1.9.1 - Admin+ Stored XSS — SureForms 4.8AIMediumAI2025-09-23
CVE-2025-9541 Markup Markdown < 3.20.10 - Contributor+ Stored XSS — Markup Markdown 5.4AIMediumAI2025-09-22
CVE-2025-9540 Markup Markdown < 3.20.10 - Contributor+ Stored XSS — Markup Markdown 5.4AIMediumAI2025-09-22
CVE-2025-9487 Admin and Site Enhancements < 7.9.8 - Authenticated Stored XSS via SVG — Admin and Site Enhancements (ASE) 5.4AIMediumAI2025-09-22
CVE-2025-9115 Etsy Shop < 3.0.7 - Reflected XSS via $_SERVER['REQUEST_URI'] — Etsy Shop 6.1AIMediumAI2025-09-22
CVE-2025-9083 Ninja-forms < 3.11.1 - Unauthenticated PHP Objection — Ninja Forms 9.8AICriticalAI2025-09-18
CVE-2025-8942 WP Hotel Booking < 2.2.3 - Subscriber+ Rating Manipulation — WP Hotel Booking 5.3AIMediumAI2025-09-18
CVE-2025-5305 Password Reset with Code < 0.0.17 - Insecure Password Reset Code Creation — Password Reset with Code for WordPress REST API 9.8AICriticalAI2025-09-18

This page lists every published CVE security advisory associated with unknown. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.