71 matches found
CVE-2023-47679
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in QODE Interactive Qi Addons For Elementor allows PHP Local File Inclusion.This issue affects Qi Addons For Elementor: from n/a through 1.6.3...
CVE-2023-47679 WordPress Qi Addons For Elementor plugin <= 1.6.3 - Local File Inclusion vulnerability
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in QODE Interactive Qi Addons For Elementor allows PHP Local File Inclusion.This issue affects Qi Addons For Elementor: from n/a through 1.6.3...
CVE-2023-47679 WordPress Qi Addons For Elementor plugin <= 1.6.3 - Local File Inclusion vulnerability
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in QODE Interactive Qi Addons For Elementor allows PHP Local File Inclusion.This issue affects Qi Addons For Elementor: from n/a through 1.6.3...
WordPress Qi Addons For Elementor Plugin <= 1.6.7 is vulnerable to Cross Site Scripting (XSS)
Software Qi Addons For Elementor Type Plugin Vulnerable versions = 1.6.7 Fixed in 1.6.8 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-0826 Patch priority Low CVSS severity Low 6.5 Developer Qode Interactive PSID 2d3d74026644 Credits Webbernaut...
CVE-2023-47840
Improper Control of Generation of Code 'Code Injection' vulnerability in Qode Interactive Qode Essential Addons.This issue affects Qode Essential Addons: from n/a through 1.5.2...
CVE-2023-47840
Improper Control of Generation of Code 'Code Injection' vulnerability in Qode Interactive Qode Essential Addons.This issue affects Qode Essential Addons: from n/a through 1.5.2...
Code injection
Improper Control of Generation of Code 'Code Injection' vulnerability in Qode Interactive Qode Essential Addons.This issue affects Qode Essential Addons: from n/a through 1.5.2...
CVE-2023-47840 WordPress Qode Essential Addons Plugin <= 1.5.2 is vulnerable to Remote Code Execution (RCE)
Improper Control of Generation of Code 'Code Injection' vulnerability in Qode Interactive Qode Essential Addons.This issue affects Qode Essential Addons: from n/a through 1.5.2...
CVE-2023-47840
CVE-2023-47840 affects Qode Essential Addons (
WordPress Plugin Qode Essential Addons Code Injection Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A code injection vulnerability exists in...
PT-2023-30640 · Qode Interactive · Qode Essential Addons
Name of the Vulnerable Software and Affected Versions: Qode Essential Addons versions 1.5.2 and earlier Description: The issue is related to an Improper Control of Generation of Code 'Code Injection' vulnerability. This vulnerability affects Qode Interactive Qode Essential Addons, allowing for co...
Qode Essential Addons < 1.5.3 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Plugin Installation/Activation
Description The Qode Essential Addons plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the installplugin function in all versions up to, and including, 1.5.2. This makes it possible for authenticated attackers, with subscriber-level acce...
Exploit for Code Injection in Qodeinteractive Qode_Essential_Addons
CVE-2023-47840 Qode Essential Addons = 1.5.2 - Missing Aut...
WordPress Qode Essential Addons Plugin <= 1.5.2 is vulnerable to Remote Code Execution (RCE)
Software Qode Essential Addons Type Plugin Vulnerable versions = 1.5.2 Fixed in 1.5.3 OWASP Top 10 A1: Broken Access Control Classification Remote Code Execution RCE CVE CVE-2023-47840 Patch priority High CVSS severity High 9.9 Developer Qode Interactive PSID 08030749500a Credits Brandon Roldan...
CVE-2023-47680
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Qode Interactive Qi Addons For Elementor plugin = 1.6.3 versions...
CVE-2023-47680
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Qode Interactive Qi Addons For Elementor plugin = 1.6.3 versions...
Cross site scripting
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in Qode Interactive Qi Addons For Elementor plugin = 1.6.3 versions...
CVE-2023-47680
CVE-2023-47680 affects the WordPress plugin Qi Addons For Elementor by Qode Interactive, with a Stored XSS in versions <= 1.6.3 when exploited by users with contributor privileges. The issue stems from insufficient validation/escaping of parameters in the contributor+ workflow. Patchstack indi...
WordPress Qi Addons For Elementor Plugin <= 1.6.4 is vulnerable to Cross Site Scripting (XSS)
Software Qi Addons For Elementor Type Plugin Vulnerable versions = 1.6.4 Fixed in 1.6.5 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-47680 Patch priority Low CVSS severity Low 6.5 Developer Qode Interactive PSID dee29da77c21 Credits Rafie Muhammad...
CVE-2023-40333
Unauth. Reflected Cross-Site Scripting XSS vulnerability in Qode Interactive Bridge Core plugin = 3.0.9 versions...