Qodeinteractive : Security Vulnerabilities, CVEs, CVSS score >= 1

CVE-2023-47840

Improper Control of Generation of Code ('Code Injection') vulnerability in Qode Interactive Qode Essential Addons.This issue affects Qode Essential Addons: from n/a through 1.5.2.
Max CVSS
9.9
EPSS Score
0.05%
Published
2023-12-29
Updated
2024-01-04

CVE-2023-40333

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Qode Interactive Bridge Core plugin <= 3.0.9 versions.
Max CVSS
7.1
EPSS Score
0.05%
Published
2023-09-27
Updated
2023-09-27

CVE-2023-47680

Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Qode Interactive Qi Addons For Elementor plugin <= 1.6.3 versions.
Max CVSS
6.5
EPSS Score
0.05%
Published
2023-11-14
Updated
2023-11-17

CVE-2024-0826

The Qi Addons For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's widgets in all versions up to, and including, 1.6.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Max CVSS
6.4
EPSS Score
0.05%
Published
2024-04-09
Updated
2024-04-09

CVE-2017-13138

DOM based Cross-site scripting (XSS) vulnerability in the Bridge theme before 11.2 for WordPress allows remote attackers to inject arbitrary JavaScript.
Max CVSS
6.1
EPSS Score
0.21%
Published
2017-08-23
Updated
2017-08-27
5 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close