Lucene search
K

17 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-31899

Malicious code in bioql PyPI...

6.4CVSS6.4AI score0.0032EPSS
Exploits0References2
NVD
NVD
added 2025/08/02 5:15 a.m.4 views

CVE-2025-8146

The Qi Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's TypeOut Text widget in all versions up to, and including, 1.9.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS0.00218EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/06/28 12:0 a.m.5 views

PT-2025-27287 · WordPress · Qi Addons For Elementor

Name of the Vulnerable Software and Affected Versions: Qi Addons For Elementor plugin for WordPress versions up to, and including, 1.9.1 Description: The issue is related to Stored Cross-Site Scripting due to insufficient input sanitization and output escaping, allowing authenticated attackers wi...

6.4CVSS6.3AI score0.0021EPSS
Exploits0References9
RedhatCVE
RedhatCVE
added 2025/05/23 10:41 a.m.10 views

CVE-2024-9530

The Qi Addons For Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.8.0 via private templates. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive data including the...

4.3CVSS6.4AI score0.0039EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 10:21 a.m.11 views

CVE-2024-3309

The Qi Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Countdown Widget's attributes in all versions up to, and including, 1.7.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS5.8AI score0.0032EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:37 a.m.7 views

CVE-2024-4364

The Qi Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's button widgets in all versions up to, and including, 1.7.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticate...

6.4CVSS5.8AI score0.00329EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:57 a.m.8 views

CVE-2023-47679

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in QODE Interactive Qi Addons For Elementor allows PHP Local File Inclusion.This issue affects Qi Addons For Elementor: from n/a through 1.6.3...

8.8CVSS6.9AI score0.00497EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/02/04 12:22 p.m.13 views

CVE-2024-13699 Qi Addons For Elementor <= 1.8.7 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Qi Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘cursor’ parameter in all versions up to, and including, 1.8.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-lev...

6.4CVSS5.7AI score0.00344EPSS
Exploits0References6
CVE
CVE
added 2025/02/04 12:22 p.m.54 views

CVE-2024-13699

CVE-2024-13699 affects the Qi Addons For Elementor WordPress plugin. It is a Stored Cross-Site Scripting vulnerability via the cursor parameter in all versions up to 1.8.7, enabling an authenticated attacker (Contributor level or higher) to inject scripts that execute when a user loads a page. Ro...

6.4CVSS5.9AI score0.00344EPSS
Exploits0References6Affected Software1
Vulnrichment
Vulnrichment
added 2024/10/23 7:34 a.m.10 views

CVE-2024-9530 Qi Addons For Elementor <= 1.8.0 - Sensitive Information Exposure

The Qi Addons For Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.8.0 via private templates. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive data including the...

4.3CVSS6.5AI score0.0039EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/10/23 12:0 a.m.3 views

PT-2024-39680 · WordPress · Qi Addons For Elementor

Name of the Vulnerable Software and Affected Versions: Qi Addons For Elementor plugin for WordPress versions up to, and including, 1.8.0 Description: The issue allows authenticated attackers with Contributor-level access and above to extract sensitive data, including the contents of private...

4.3CVSS6.5AI score0.0039EPSS
Exploits0References8
OSV
OSV
added 2024/06/07 4:15 a.m.9 views

CVE-2024-4887

The Qi Addons For Elementor plugin for WordPress is vulnerable to Remote File Inclusion in all versions up to, and including, 1.7.2 via the 'behavior' attributes found in the qiaddonsforelementorbloglist shortcode. This makes it possible for authenticated attackers, with Contributor-level access...

7.5CVSS5.9AI score0.00631EPSS
Exploits0References2
EUVD
EUVD
added 2024/06/07 3:21 a.m.5 views

EUVD-2024-44457

The Qi Addons For Elementor plugin for WordPress is vulnerable to Remote File Inclusion in all versions up to, and including, 1.7.2 via the 'behavior' attributes found in the qiaddonsforelementorbloglist shortcode. This makes it possible for authenticated attackers, with Contributor-level access...

7.5CVSS6.7AI score0.00631EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/06/06 12:0 a.m.7 views

PT-2024-33251 · WordPress · Qi Addons For Elementor

Name of the Vulnerable Software and Affected Versions: Qi Addons For Elementor plugin for WordPress versions up to, and including, 1.7.2 Description: The issue allows authenticated attackers with Contributor-level access and above to include remote files on the server, resulting in code execution...

7.5CVSS6.7AI score0.00631EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2024/06/05 12:0 a.m.5 views

PT-2024-30607 · WordPress · Qi Addons For Elementor

Name of the Vulnerable Software and Affected Versions: Qi Addons For Elementor plugin for WordPress versions up to, and including, 1.7.2 Description: The issue is related to Stored Cross-Site Scripting via the plugin's button widgets due to insufficient input sanitization and output escaping on...

6.4CVSS5.9AI score0.00329EPSS
Exploits0References11
Vulnrichment
Vulnrichment
added 2024/05/17 8:35 a.m.16 views

CVE-2023-47679 WordPress Qi Addons For Elementor plugin <= 1.6.3 - Local File Inclusion vulnerability

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in QODE Interactive Qi Addons For Elementor allows PHP Local File Inclusion.This issue affects Qi Addons For Elementor: from n/a through 1.6.3...

6.4CVSS6.9AI score0.00497EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/04/09 6:58 p.m.16 views

CVE-2024-0826 Qi Addons For Elementor <= 1.6.7 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Qi Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's widgets in all versions up to, and including, 1.6.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

6.4CVSS7.4AI score0.00607EPSS
Exploits0References3
Rows per page
Query Builder