Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

quantumcloud — Vulnerabilities & Security Advisories 52

Browse all 52 CVE security advisories affecting quantumcloud. AI-powered Chinese analysis, POCs, and references for each vulnerability.

QuantumCloud operates as a hybrid cloud infrastructure provider, offering scalable computing resources and data storage solutions to enterprise clients. Security audits have identified fifty-two Common Vulnerabilities and Exposures (CVEs) associated with its platform, indicating persistent weaknesses in its software development lifecycle. The majority of these vulnerabilities fall into critical categories, including remote code execution (RCE), cross-site scripting (XSS), and privilege escalation flaws. These issues often stem from inadequate input validation and improper access control mechanisms within its web interface and API endpoints. While no widespread data breaches have been publicly confirmed, the high volume of disclosed CVEs suggests a reactive rather than proactive security posture. Recent patches have addressed several critical RCE vectors, yet the recurring nature of these flaws highlights ongoing challenges in maintaining robust defense-in-depth strategies across its distributed architecture.

Top products by quantumcloud: WPBot – AI ChatBot for Live Support, Lead Generation, AI Services Simple Link Directory AI ChatBot ChatBot WPBot Pro Wordpress Chatbot Conversational Forms for ChatBot Simple Business Directory Pro KBx Pro Ultimate SEO Help AI Infographic Maker QC SEO Help for llms.txt, AI Analytics, AI Content Writer, Subtitle to Article Floating Buttons for WooCommerce Floating Action Buttons Highlight iChart – Easy Charts and Graphs Infographic Maker – iList ChatBot with AI Slider Hero with Video Background, Animation
CVE IDTitleCVSSSeverityPublished
CVE-2024-52395 WordPress Floating Buttons for WooCommerce plugin <= 2.8.8 - Broken Access Control vulnerability — Floating Buttons for WooCommerceCWE-862 5.3 Medium2024-11-19
CVE-2024-6669 AI ChatBot for WordPress – WPBot <= 5.5.7 - Authenticated (Administrator+) Stored Cross-Site Scripting — WPBot – AI ChatBot for Live Support, Lead Generation, AI ServicesCWE-79 5.5 Medium2024-07-17
CVE-2024-5858 Infographic Maker iList <= 4.7.4 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Title Update — AI Infographic MakerCWE-862 4.3 Medium2024-06-15
CVE-2024-0453 AI ChatBot <= 5.3.4 - Missing Authorization via openai_file_delete_callback — WPBot – AI ChatBot for Live Support, Lead Generation, AI ServicesCWE-284 5.0 Medium2024-05-22
CVE-2024-0452 AI ChatBot <= 5.3.4 - Missing Authorization via openai_file_upload_callback — WPBot – AI ChatBot for Live Support, Lead Generation, AI ServicesCWE-284 5.0 Medium2024-05-22
CVE-2024-0451 AI ChatBot <= 5.3.4 - Missing Authorization via openai_file_list_callback — WPBot – AI ChatBot for Live Support, Lead Generation, AI ServicesCWE-284 5.0 Medium2024-05-22
CVE-2024-34380 WordPress ChatBot Conversational Forms plugin <= 1.2.0 - Cross Site Scripting (XSS) vulnerability — Conversational Forms for ChatBotCWE-79 5.9 Medium2024-05-06
CVE-2024-32696 WordPress AI Infographic Maker OpenAI plugin <= 4.6.6 - Cross Site Scripting (XSS) vulnerability — Infographic Maker – iListCWE-79 6.5 Medium2024-04-22
CVE-2024-22309 WordPress ChatBot Plugin <= 5.1.0 is vulnerable to PHP Object Injection — ChatBot with AICWE-502 8.7 High2024-01-24
CVE-2023-48741 WordPress ChatBot Plugin <= 4.7.8 is vulnerable to SQL Injection — AI ChatBotCWE-89 7.6 High2023-12-19
CVE-2023-5606 WordPress Plugin ChatBot 跨站脚本漏洞 — AI ChatBot 4.4 Medium2023-11-02
CVE-2023-5533 AI ChatBot <= 4.8.9 and 4.9.2 - Missing Authorization on AJAX actions — WPBot – AI ChatBot for Live Support, Lead Generation, AI ServicesCWE-862 5.3 Medium2023-10-20
CVE-2023-5534 AI ChatBot <= 4.8.9 and 4.9.2 - Cross-Site Request Forgery on AJAX actions — WPBot – AI ChatBot for Live Support, Lead Generation, AI ServicesCWE-352 4.3 Medium2023-10-20
CVE-2023-5212 AI ChatBot <= 4.8.9 and 4.9.2- Authenticated (Subscriber+) Arbitrary File Deletion via qcld_openai_delete_training_file — WPBot – AI ChatBot for Live Support, Lead Generation, AI ServicesCWE-22 9.6 Critical2023-10-19
CVE-2023-5254 AI ChatBot <= 4.8.9 - Unauthenticated Sensitive Information Exposure via qcld_wb_chatbot_check_user — WPBot – AI ChatBot for Live Support, Lead Generation, AI ServicesCWE-200 5.3 Medium2023-10-19
CVE-2023-5204 AI ChatBot <= 4.8.9 - Unauthenticated SQL Injection via qc_wpbo_search_response — WPBot – AI ChatBot for Live Support, Lead Generation, AI ServicesCWE-89 9.8 Critical2023-10-19
CVE-2023-5241 AI ChatBot <= 4.8.9 and 4.9.2 - Authenticated (Subscriber+) Directory Traversal to Arbitrary File Write via qcld_openai_upload_pagetraining_file — WPBot – AI ChatBot for Live Support, Lead Generation, AI ServicesCWE-22 9.6 Critical2023-10-19
CVE-2023-44993 WordPress ChatBot Plugin <= 4.7.8 is vulnerable to Cross Site Request Forgery (CSRF) — AI ChatBotCWE-352 4.3 Medium2023-10-09
CVE-2021-4424 Slider Hero <= 8.2.0 - Cross-Site Request Forgery Bypass — Slider Hero with Video Background, AnimationCWE-352 4.3 Medium2023-07-12
CVE-2023-23981 WordPress Conversational Forms for ChatBot Plugin <= 1.1.6 is vulnerable to Cross Site Scripting (XSS) — Conversational Forms for ChatBotCWE-79 5.9 Medium2023-04-06
CVE-2022-47613 WordPress AI ChatBot Plugin <= 4.3.0 is vulnerable to Cross Site Scripting (XSS) — AI ChatBotCWE-79 5.9 Medium2023-03-29
CVE-2023-24415 WordPress AI ChatBot plugin <= 4.2.8 is vulnerable to Cross Site Request Forgery (CSRF) — AI ChatBotCWE-352 5.4 Medium2023-02-23

This page lists every published CVE security advisory associated with quantumcloud. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.