Lucene search
K

71 matches found

OSV
OSV
added 2024/05/17 9:15 a.m.5 views

CVE-2023-47679

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in QODE Interactive Qi Addons For Elementor allows PHP Local File Inclusion.This issue affects Qi Addons For Elementor: from n/a through 1.6.3...

8.8CVSS5.8AI score0.00497EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/05/17 8:35 a.m.17 views

CVE-2023-47679 WordPress Qi Addons For Elementor plugin <= 1.6.3 - Local File Inclusion vulnerability

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in QODE Interactive Qi Addons For Elementor allows PHP Local File Inclusion.This issue affects Qi Addons For Elementor: from n/a through 1.6.3...

6.4CVSS6.9AI score0.00497EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/05/17 8:35 a.m.26 views

CVE-2023-47679 WordPress Qi Addons For Elementor plugin <= 1.6.3 - Local File Inclusion vulnerability

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in QODE Interactive Qi Addons For Elementor allows PHP Local File Inclusion.This issue affects Qi Addons For Elementor: from n/a through 1.6.3...

6.4CVSS6.4AI score0.00497EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/03/19 12:0 a.m.14 views

WordPress Qi Addons For Elementor Plugin <= 1.6.7 is vulnerable to Cross Site Scripting (XSS)

Software Qi Addons For Elementor Type Plugin Vulnerable versions = 1.6.7 Fixed in 1.6.8 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-0826 Patch priority Low CVSS severity Low 6.5 Developer Qode Interactive PSID 2d3d74026644 Credits Webbernaut...

6.4CVSS5.8AI score0.00607EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2023/12/29 9:15 a.m.30 views

CVE-2023-47840

Improper Control of Generation of Code 'Code Injection' vulnerability in Qode Interactive Qode Essential Addons.This issue affects Qode Essential Addons: from n/a through 1.5.2...

9.9CVSS0.01408EPSS
Exploits1References1
OSV
OSV
added 2023/12/29 9:15 a.m.3 views

CVE-2023-47840

Improper Control of Generation of Code 'Code Injection' vulnerability in Qode Interactive Qode Essential Addons.This issue affects Qode Essential Addons: from n/a through 1.5.2...

8.8CVSS7.3AI score0.01408EPSS
Exploits1References1
Prion
Prion
added 2023/12/29 9:15 a.m.28 views

Code injection

Improper Control of Generation of Code 'Code Injection' vulnerability in Qode Interactive Qode Essential Addons.This issue affects Qode Essential Addons: from n/a through 1.5.2...

6.5CVSS7.3AI score0.01408EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2023/12/29 9:10 a.m.46 views

CVE-2023-47840 WordPress Qode Essential Addons Plugin <= 1.5.2 is vulnerable to Remote Code Execution (RCE)

Improper Control of Generation of Code 'Code Injection' vulnerability in Qode Interactive Qode Essential Addons.This issue affects Qode Essential Addons: from n/a through 1.5.2...

9.9CVSS9.8AI score0.01408EPSS
Exploits1References1
CVE
CVE
added 2023/12/29 9:10 a.m.102 views

CVE-2023-47840

CVE-2023-47840 affects Qode Essential Addons (

9.9CVSS8.5AI score0.01408EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2023/12/29 12:0 a.m.6 views

WordPress Plugin Qode Essential Addons Code Injection Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A code injection vulnerability exists in...

9.9CVSS7.2AI score0.01408EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2023/12/01 12:0 a.m.7 views

PT-2023-30640 · Qode Interactive · Qode Essential Addons

Name of the Vulnerable Software and Affected Versions: Qode Essential Addons versions 1.5.2 and earlier Description: The issue is related to an Improper Control of Generation of Code 'Code Injection' vulnerability. This vulnerability affects Qode Interactive Qode Essential Addons, allowing for co...

9.9CVSS9AI score0.01408EPSS
Exploits1References8
WPVulnDB
WPVulnDB
added 2023/11/30 12:0 a.m.34 views

Qode Essential Addons < 1.5.3 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Installation/Activation

Description The Qode Essential Addons plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the installplugin function in all versions up to, and including, 1.5.2. This makes it possible for authenticated attackers, with subscriber-level acce...

9.9CVSS6.8AI score0.01408EPSS
Exploits1References1Affected Software1
GithubExploit
GithubExploit
added 2023/11/29 8:14 p.m.783 views

Exploit for Code Injection in Qodeinteractive Qode_Essential_Addons

CVE-2023-47840 Qode Essential Addons = 1.5.2 - Missing Aut...

9.9CVSS8.4AI score0.01408EPSS
Exploits1
Patchstack
Patchstack
added 2023/11/27 12:0 a.m.16 views

WordPress Qode Essential Addons Plugin <= 1.5.2 is vulnerable to Remote Code Execution (RCE)

Software Qode Essential Addons Type Plugin Vulnerable versions = 1.5.2 Fixed in 1.5.3 OWASP Top 10 A1: Broken Access Control Classification Remote Code Execution RCE CVE CVE-2023-47840 Patch priority High CVSS severity High 9.9 Developer Qode Interactive PSID 08030749500a Credits Brandon Roldan...

9.9CVSS7.2AI score0.01408EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2023/11/14 12:15 a.m.2 views

CVE-2023-47680

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Qode Interactive Qi Addons For Elementor plugin = 1.6.3 versions...

5.4CVSS5.8AI score0.00409EPSS
Exploits0References1
NVD
NVD
added 2023/11/14 12:15 a.m.25 views

CVE-2023-47680

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Qode Interactive Qi Addons For Elementor plugin = 1.6.3 versions...

6.5CVSS0.00409EPSS
Exploits0References1
Prion
Prion
added 2023/11/14 12:15 a.m.23 views

Cross site scripting

Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Qode Interactive Qi Addons For Elementor plugin = 1.6.3 versions...

4.9CVSS5.8AI score0.00409EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/11/13 11:13 p.m.58 views

CVE-2023-47680

CVE-2023-47680 affects the WordPress plugin Qi Addons For Elementor by Qode Interactive, with a Stored XSS in versions &lt;= 1.6.3 when exploited by users with contributor privileges. The issue stems from insufficient validation/escaping of parameters in the contributor+ workflow. Patchstack indi...

6.5CVSS5.3AI score0.00409EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2023/11/09 12:0 a.m.11 views

WordPress Qi Addons For Elementor Plugin <= 1.6.4 is vulnerable to Cross Site Scripting (XSS)

Software Qi Addons For Elementor Type Plugin Vulnerable versions = 1.6.4 Fixed in 1.6.5 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-47680 Patch priority Low CVSS severity Low 6.5 Developer Qode Interactive PSID dee29da77c21 Credits Rafie Muhammad...

6.5CVSS5.8AI score0.00409EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2023/09/27 3:19 p.m.3 views

CVE-2023-40333

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Qode Interactive Bridge Core plugin = 3.0.9 versions...

6.1CVSS7.3AI score0.00323EPSS
Exploits0References1
Rows per page
Query Builder