CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

17 matches found

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2024-44884

Malicious code in bioql PyPI...

7.5CVSS6.4AI score0.0384EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 5:15 a.m.•8 views

CVE-2023-47840

Improper Control of Generation of Code 'Code Injection' vulnerability in Qode Interactive Qode Essential Addons.This issue affects Qode Essential Addons: from n/a through 1.5.2...

9.9CVSS8.6AI score0.21185EPSS

Exploits1References1

RedhatCVE•added 2025/02/05 6:48 a.m.•3 views

CVE-2024-50457

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Qode Qode Essential Addons qode-essential-addons.This issue affects Qode Essential Addons: from n/a through = 1.6.3...

8.8CVSS5.9AI score0.0384EPSS

Exploits0References1

OSV•added 2024/10/28 8:15 p.m.•1 views

CVE-2024-50457

: Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Qode Interactive Qode Essential Addons.This issue affects Qode Essential Addons: from n/a through 1.6.3...

8.8CVSS5.8AI score0.0384EPSS

Exploits0References1

NVD•added 2024/10/28 8:15 p.m.•9 views

CVE-2024-50457

8.8CVSS0.0384EPSS

Exploits0References1

Vulnrichment•added 2024/10/28 7:49 p.m.•11 views

CVE-2024-50457 WordPress Qode Essential Addons plugin <= 1.6.3 - Local File Inclusion vulnerability

7.5CVSS5.9AI score0.0384EPSS

Exploits0References1

CNNVD•added 2024/10/28 12:0 a.m.•1 views

WordPress plugin Qode Essential Addons 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

7.5CVSS6.6AI score0.0384EPSS

Exploits0References1

Patchstack•added 2024/10/24 10:16 a.m.•2 views

WordPress Qode Essential Addons plugin <= 1.6.3 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by João Pedro Soares de Alcântara - Kinorth Patchstack Alliance in WordPress Plugin Qode Essential Addons versions = 1.6.3...

8.8CVSS7AI score0.0384EPSS

Exploits0Affected Software1

Patchstack•added 2024/10/24 12:0 a.m.•11 views

WordPress Qode Essential Addons Plugin <= 1.6.3 is vulnerable to Local File Inclusion

Software Qode Essential Addons Type Plugin Vulnerable versions = 1.6.3 Fixed in 1.6.4 OWASP Top 10 A1: Broken Access Control Classification Local File Inclusion CVE CVE-2024-50457 Patch priority Low CVSS severity Low 7.5 Developer Qode Interactive PSID 91c64e17ca1a Credits João Pedro S Alcântara...

7.5CVSS7.6AI score0.0384EPSS

Exploits0References2Affected Software1

OSV•added 2023/12/29 9:15 a.m.•1 views

CVE-2023-47840

Improper Control of Generation of Code 'Code Injection' vulnerability in Qode Interactive Qode Essential Addons.This issue affects Qode Essential Addons: from n/a through 1.5.2...

8.8CVSS7.3AI score0.21185EPSS

Exploits1References1

Cvelist•added 2023/12/29 9:10 a.m.•30 views

CVE-2023-47840 WordPress Qode Essential Addons Plugin <= 1.5.2 is vulnerable to Remote Code Execution (RCE)

Improper Control of Generation of Code 'Code Injection' vulnerability in Qode Interactive Qode Essential Addons.This issue affects Qode Essential Addons: from n/a through 1.5.2...

9.9CVSS9.8AI score0.21185EPSS

Exploits1References1

CVE•added 2023/12/29 9:10 a.m.•89 views

CVE-2023-47840

CVE-2023-47840 affects Qode Essential Addons (

9.9CVSS8.5AI score0.21185EPSS

Exploits1References1Affected Software1

CNNVD•added 2023/12/29 12:0 a.m.•3 views

WordPress Plugin Qode Essential Addons Code Injection Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A code injection vulnerability exists in...

9.9CVSS7.2AI score0.21185EPSS

Exploits1References2

Positive Technologies•added 2023/12/01 12:0 a.m.•5 views

PT-2023-30640 · Qode Interactive · Qode Essential Addons

Name of the Vulnerable Software and Affected Versions: Qode Essential Addons versions 1.5.2 and earlier Description: The issue is related to an Improper Control of Generation of Code 'Code Injection' vulnerability. This vulnerability affects Qode Interactive Qode Essential Addons, allowing for co...

9.9CVSS9AI score0.21185EPSS

Exploits1References8

WPVulnDB•added 2023/11/30 12:0 a.m.•32 views

Qode Essential Addons < 1.5.3 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Installation/Activation

Description The Qode Essential Addons plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the installplugin function in all versions up to, and including, 1.5.2. This makes it possible for authenticated attackers, with subscriber-level acce...

9.9CVSS6.8AI score0.21185EPSS

Exploits1References1Affected Software1

GithubExploit•added 2023/11/29 8:14 p.m.•740 views

Exploit for Code Injection in Qodeinteractive Qode_Essential_Addons

CVE-2023-47840 Qode Essential Addons = 1.5.2 - Missing Aut...

9.9CVSS8.4AI score0.21185EPSS

Exploits1

Patchstack•added 2023/11/27 12:0 a.m.•13 views

WordPress Qode Essential Addons Plugin <= 1.5.2 is vulnerable to Remote Code Execution (RCE)

Software Qode Essential Addons Type Plugin Vulnerable versions = 1.5.2 Fixed in 1.5.3 OWASP Top 10 A1: Broken Access Control Classification Remote Code Execution RCE CVE CVE-2023-47840 Patch priority High CVSS severity High 9.9 Developer Qode Interactive PSID 08030749500a Credits Brandon Roldan...

9.9CVSS7.2AI score0.21185EPSS

Exploits1References2Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by