Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

qodeinteractive — Vulnerabilities & Security Advisories 12

Browse all 12 CVE security advisories affecting qodeinteractive. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Qodeinteractive develops WordPress themes and page builders, primarily serving website creation needs. Historically, their products have been associated with multiple remote code execution (RCE), cross-site scripting (XSS), and privilege escalation vulnerabilities, often stemming from insufficient input validation and improper access controls. With 12 CVEs documented, their security track record shows recurring issues in file handling and user permissions. While no major public security incidents have been widely reported, the consistent pattern of vulnerabilities across their product line suggests ongoing challenges in secure coding practices, potentially exposing users to significant risks if timely patches are not applied.

Top products by qodeinteractive: Qi Addons For Elementor Qi Blocks QODE Wishlist for WooCommerce
CVE IDTitleCVSSSeverityPublished
CVE-2025-13157 QODE Wishlist for WooCommerce <= 1.2.7 - Unauthenticated Insecure Direct Object Reference to Wishlist Update — QODE Wishlist for WooCommerceCWE-639 5.3 Medium2025-11-27
CVE-2025-12182 Qi Blocks <= 1.4.3 - Missing Authorization to Arbitrary Attachment Resize — Qi BlocksCWE-284 4.3 Medium2025-11-15
CVE-2025-12180 Qi Blocks <= 1.4.3 - Missing Authorization to Authenticated (Contributor+) Plugin Settings Update — Qi BlocksCWE-862 4.3 Medium2025-11-01
CVE-2025-8146 Qi Addons for Elementor <= 1.9.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via TypeOut Text Widget — Qi Addons For ElementorCWE-79 6.4 Medium2025-08-02
CVE-2025-6252 Qi Addons For Elementor <= 1.9.1 - Authenticated (Contributor+) Stored Cross-Site Scripting — Qi Addons For ElementorCWE-79 6.4 Medium2025-06-28
CVE-2024-13699 Qi Addons For Elementor <= 1.8.7 - Authenticated (Contributor+) Stored Cross-Site Scripting — Qi Addons For ElementorCWE-79 6.4 Medium2025-02-04
CVE-2024-9530 Qi Addons For Elementor <= 1.8.0 - Sensitive Information Exposure — Qi Addons For ElementorCWE-200 4.3 Medium2024-10-23
CVE-2024-4887 Qi Addons For Elementor <= 1.7.2 - Authenticated (Contributor+) Local File Inclusion — Qi Addons For ElementorCWE-98 7.5 High2024-06-07
CVE-2024-5221 Qi Blocks <= 1.2.9 - Authenticated (Author+) Stored Cross-Site Scripting — Qi BlocksCWE-79 6.4 Medium2024-06-06
CVE-2024-4364 Qi Addons For Elementor <= 1.7.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Button Widget — Qi Addons For ElementorCWE-79 6.4 Medium2024-06-06
CVE-2024-3309 Qi Addons For Elementor <= 1.7.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Countdown widget — Qi Addons For ElementorCWE-79 6.4 Medium2024-04-27
CVE-2024-0826 Qi Addons For Elementor <= 1.6.7 - Authenticated (Contributor+) Stored Cross-Site Scripting — Qi Addons For ElementorCWE-79 6.4 Medium2024-04-09

This page lists every published CVE security advisory associated with qodeinteractive. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.