Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

quomodosoft — Vulnerabilities & Security Advisories 12

Browse all 12 CVE security advisories affecting quomodosoft. AI-powered Chinese analysis, POCs, and references for each vulnerability.

QuomodoSoft develops enterprise software solutions for data management and workflow automation. Historically, their products have been susceptible to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, with 12 CVEs documented to date. The company's security posture has been characterized by inconsistent patch release cycles and delayed vulnerability remediation. In 2022, a critical authentication bypass flaw in their flagship product allowed unauthorized access to sensitive customer data, affecting multiple enterprise clients. QuomodoSoft has since implemented enhanced code review processes but continues to face challenges in maintaining consistent security standards across their product portfolio.

Top products by quomodosoft: ElementsReady Addons for Elementor QS Dark Mode Plugin Shopready QS Dark Mode
CVE IDTitleCVSSSeverityPublished
CVE-2025-47628 WordPress QS Dark Mode plugin <= 3.0 - Broken Access Control Vulnerability — QS Dark ModeCWE-862 5.4 Medium2025-05-07
CVE-2025-39546 WordPress ElementsReady Addons for Elementor plugin <= 6.6.2 - Cross Site Request Forgery (CSRF) Vulnerability — ElementsReady Addons for ElementorCWE-352 4.3 Medium2025-04-16
CVE-2024-10356 ElementsReady Addons for Elementor <= 6.4.8 - Authenticated (Contributor+) Sensitive Information Exposure via Elementor Templates — ElementsReady Addons for ElementorCWE-200 4.3 Medium2024-12-17
CVE-2024-54224 WordPress ElementsReady Addons for Elementor plugin <= 6.4.7 - Cross Site Scripting (XSS) vulnerability — ElementsReady Addons for ElementorCWE-79 6.5 Medium2024-12-09
CVE-2024-52497 WordPress Shopready plugin <= 3.6 - Local File Inclusion vulnerability — ShopreadyCWE-98 7.5 High2024-11-28
CVE-2024-51787 WordPress ElementsReady Addons for Elementor plugin <= 6.4.3 - Cross Site Scripting (XSS) vulnerability — ElementsReady Addons for ElementorCWE-79 6.5 Medium2024-11-09
CVE-2024-9444 ElementsReady Addons for Elementor <= 6.4.3 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload — ElementsReady Addons for ElementorCWE-79 6.4 Medium2024-10-16
CVE-2024-47353 WordPress ElementsReady Addons for Elementor plugin <= 6.4.2 - Open Redirection vulnerability — ElementsReady Addons for ElementorCWE-601 4.7 Medium2024-10-11
CVE-2024-47329 WordPress ElementsReady Addons for Elementor plugin <= 6.4.0 - Cross Site Scripting (XSS) vulnerability — ElementsReady Addons for ElementorCWE-79 6.5 Medium2024-10-06
CVE-2024-9118 QS Dark Mode Plugin <= 2.9 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload — QS Dark Mode PluginCWE-79 6.4 Medium2024-10-01
CVE-2024-5152 ElementsReady Addons for Elementor <= 6.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting — ElementsReady Addons for ElementorCWE-79 6.4 Medium2024-06-06
CVE-2024-34374 WordPress ElementsReady Addons for Elementor plugin <= 5.8.0 - Cross Site Scripting (XSS) vulnerability — ElementsReady Addons for ElementorCWE-79 6.5 Medium2024-05-06

This page lists every published CVE security advisory associated with quomodosoft. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.