The Qi Addons For Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.8.0 via private templates. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive data including the contents of templates that are private.
References
Configurations
History
25 Oct 2024, 18:52
Type | Values Removed | Values Added |
---|---|---|
References | () https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3170536%40qi-addons-for-elementor%2Ftrunk&old=3159768%40qi-addons-for-elementor%2Ftrunk&sfp_email=&sfph_mail= - Patch | |
References | () https://www.wordfence.com/threat-intel/vulnerabilities/id/0dd93514-657c-4b04-931a-23f3d405fb88?source=cve - Third Party Advisory | |
First Time |
Qodeinteractive qi Addons For Elementor
Qodeinteractive |
|
CWE | NVD-CWE-noinfo | |
CPE | cpe:2.3:a:qodeinteractive:qi_addons_for_elementor:*:*:*:*:*:wordpress:*:* |
23 Oct 2024, 15:12
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
23 Oct 2024, 08:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-10-23 08:15
Updated : 2024-10-25 18:52
NVD link : CVE-2024-9530
Mitre link : CVE-2024-9530
CVE.ORG link : CVE-2024-9530
JSON object : View
Products Affected
qodeinteractive
- qi_addons_for_elementor
CWE