Browse all 5 CVE security advisories affecting QODE Interactive. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Qode Interactive develops WordPress themes and plugins for website creation, with five CVEs recorded to date. Historically, their products have been vulnerable to cross-site scripting (XSS) and remote code execution (RCE) due to insufficient input validation and improper sanitization. In 2021, a critical RCE vulnerability in their Qode Theme allowed attackers to execute arbitrary code through crafted requests. The company has faced repeated issues with privilege escalation flaws, enabling unauthorized access to administrative functions. While no major data breaches have been publicly documented, their consistent vulnerability patterns suggest ongoing challenges in secure coding practices, particularly regarding user input handling and access control mechanisms.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2023-47840 | WordPress Qode Essential Addons Plugin <= 1.5.2 is vulnerable to Remote Code Execution (RCE) — Qode Essential AddonsCWE-94 | 9.9 | Critical | 2023-12-29 |
This page lists every published CVE security advisory associated with QODE Interactive. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.