Browse all 12 CVE security advisories affecting qodeinteractive. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Qodeinteractive develops WordPress themes and page builders, primarily serving website creation needs. Historically, their products have been associated with multiple remote code execution (RCE), cross-site scripting (XSS), and privilege escalation vulnerabilities, often stemming from insufficient input validation and improper access controls. With 12 CVEs documented, their security track record shows recurring issues in file handling and user permissions. While no major public security incidents have been widely reported, the consistent pattern of vulnerabilities across their product line suggests ongoing challenges in secure coding practices, potentially exposing users to significant risks if timely patches are not applied.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-13157 | QODE Wishlist for WooCommerce <= 1.2.7 - Unauthenticated Insecure Direct Object Reference to Wishlist Update — QODE Wishlist for WooCommerceCWE-639 | 5.3 | Medium | 2025-11-27 |
This page lists every published CVE security advisory associated with qodeinteractive. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.