Lucene search
K

6 matches found

EUVD
EUVD
added 6 days ago7 views

EUVD-2026-40936

The Qi Blocks plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.4.9 via the 'pageid' parameter due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with author-level access and above, t...

4.3CVSS5.9AI score0.00196EPSS
Exploits0References5
CNVD
CNVD
added 2025/11/18 12:0 a.m.2 views

WordPress Qi Blocks plugin cross-site scripting vulnerability

WordPress Qi Blocks plugin is a WordPress block plugin developed by QodeInteractive, providing 48 free blocks and 33 premium blocks 81 in total, covering categories such as typography, infographics, form styles, content display, etc., and supporting highly customizable and flexible website buildi...

6.5CVSS6.1AI score0.00138EPSS
Exploits0References1
CNVD
CNVD
added 2025/11/05 12:0 a.m.2 views

WordPress Qi Blocks plugin missing authorization vulnerability

WordPress Qi Blocks plugin is a WordPress plugin developed by QodeInteractive, providing 81 customized Gutenberg blocks including 48 free modules and 33 premium modules, supporting WooCommerce, SEO and other 9 categories of functionality, creating complex layouts and integrating 550+ templates. A...

4.3CVSS7.1AI score0.00214EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/07/11 12:0 a.m.11 views

WordPress Qi Blocks Plugin <= 1.3 is vulnerable to Cross Site Scripting (XSS)

Software Qi Blocks Type Plugin Vulnerable versions = 1.3 Fixed in 1.3.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-38712 Patch priority Low CVSS severity Low 6.5 Developer Qode Interactive PSID 2769fd09ee1f Credits João Pedro S Alcântara Kinorth Required...

6.5CVSS6.6AI score0.00263EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/06/06 2:57 a.m.6 views

WordPress Qi Blocks plugin <= 1.2.9 - Authenticated (Author+) Stored Cross-Site Scripting vulnerability

Authenticated Author+ Stored Cross-Site Scripting vulnerability discovered by wesley wcraft in WordPress Plugin Qi Blocks versions = 1.2.9...

6.4CVSS5.7AI score0.00252EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/06/06 12:0 a.m.18 views

WordPress Qi Blocks Plugin <= 1.2.9 is vulnerable to Cross Site Scripting (XSS)

Software Qi Blocks Type Plugin Vulnerable versions = 1.2.9 Fixed in 1.3.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-5221 Patch priority Low CVSS severity Low 5.9 Developer Qode Interactive PSID 7421a294030a Credits wesley wcraft Required...

6.4CVSS5.8AI score0.00252EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder