30 matches found
EUVD-2024-51723
Malicious code in bioql PyPI...
EUVD-2023-51778
Malicious code in bioql PyPI...
EUVD-2023-51777
Malicious code in bioql PyPI...
CVE-2025-8146 Qi Addons for Elementor <= 1.9.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via TypeOut Text Widget
The Qi Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's TypeOut Text widget in all versions up to, and including, 1.9.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2025-8146
CVE-2025-8146 : Qi Addons For Elementor (WordPress) is vulnerable to Stored Cross-Site Scripting via the TypeOut Text widget in all versions up to and including 1.9.2, due to insufficient input sanitization and output escaping on user attributes. Exploitation requires authenticated access at cont...
PT-2025-31722 · WordPress · Qi Addons For Elementor
Name of the Vulnerable Software and Affected Versions: Qi Addons For Elementor plugin for WordPress versions up to and including 1.9.2 Description: The Qi Addons For Elementor plugin for WordPress is susceptible to Stored Cross-Site Scripting through the TypeOut Text widget. Insufficient input...
CVE-2025-6252
The Qi Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several parameters in all versions up to, and including, 1.9.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level...
CVE-2025-6252
The Qi Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several parameters in all versions up to, and including, 1.9.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level...
CVE-2025-6252 Qi Addons For Elementor <= 1.9.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Qi Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several parameters in all versions up to, and including, 1.9.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level...
CVE-2025-6252
CVE-2025-6252 concerns the WordPress plugin Qi Addons For Elementor (versions up to and including 1.9.1). The vulnerability is a Stored Cross-Site Scripting flaw caused by insufficient input sanitization and output escaping across multiple parameters, allowing an attacker with at least Contributo...
CVE-2025-6252 Qi Addons For Elementor <= 1.9.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Qi Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several parameters in all versions up to, and including, 1.9.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level...
WordPress plugin Qi Addons For Elementor 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
CVE-2023-47680
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Qode Interactive Qi Addons For Elementor plugin = 1.6.3 versions...
CVE-2024-13699 Qi Addons For Elementor <= 1.8.7 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Qi Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘cursor’ parameter in all versions up to, and including, 1.8.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-lev...
CVE-2024-9530
The Qi Addons For Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.8.0 via private templates. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive data including the...
CVE-2024-9530 Qi Addons For Elementor <= 1.8.0 - Sensitive Information Exposure
The Qi Addons For Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.8.0 via private templates. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive data including the...
WordPress Qi Addons For Elementor Plugin <= 1.7.2 is vulnerable to Local File Inclusion
Software Qi Addons For Elementor Type Plugin Vulnerable versions = 1.7.2 Fixed in 1.7.3 OWASP Top 10 A1: Injection Classification Local File Inclusion CVE CVE-2024-4887 Patch priority Low CVSS severity Low 8.5 Developer Qode Interactive PSID c1cece0585f4 Credits haidv35 Required privilege...
CVE-2024-4364
The Qi Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's button widgets in all versions up to, and including, 1.7.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticate...
CVE-2023-47679
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in QODE Interactive Qi Addons For Elementor allows PHP Local File Inclusion.This issue affects Qi Addons For Elementor: from n/a through 1.6.3...
CVE-2023-47679 WordPress Qi Addons For Elementor plugin <= 1.6.3 - Local File Inclusion vulnerability
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in QODE Interactive Qi Addons For Elementor allows PHP Local File Inclusion.This issue affects Qi Addons For Elementor: from n/a through 1.6.3...