Qodeinteractive Security Vulnerabilities (CVEs)

Track 21 security vulnerabilities affecting Qodeinteractive products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.

3 Critical

10 High

8 Medium

Sort by:

🔔 Get Alerts for Qodeinteractive

CVE-2025-67934 8.1

This vulnerability allows attackers to include local files on the server through improper filename control in PHP include/require statements. It affec...

Jan 8, 2026

CVE-2025-67935 8.1

This vulnerability allows attackers to include local PHP files on servers running the Optimize WordPress theme, potentially leading to remote code exe...

Jan 8, 2026

CVE-2025-67936 8.1

This CVE describes a PHP Local File Inclusion vulnerability in the Curly WordPress theme by Mikado-Themes. Attackers can include arbitrary local files...

Jan 8, 2026

CVE-2025-67937 8.1

This vulnerability allows attackers to include local files on the server through improper filename control in PHP include/require statements. It affec...

Jan 8, 2026

CVE-2025-69034 8.1

This vulnerability allows attackers to include local PHP files through improper filename control in the Lekker WordPress theme. Attackers can potentia...

Dec 30, 2025

CVE-2025-69030 5.4

This CVE describes an Insecure Direct Object Reference (IDOR) vulnerability in the Backpack Traveler WordPress theme that allows attackers to bypass a...

Dec 30, 2025

CVE-2025-69032 5.4

This CVE describes an Insecure Direct Object Reference (IDOR) vulnerability in the Mikado-Themes FiveStar WordPress theme. Attackers can bypass author...

Dec 30, 2025

CVE-2025-67515 9.8

This CVE describes a PHP Local File Inclusion vulnerability in the Wilmër WordPress theme by Mikado-Themes. Attackers can include arbitrary local fil...

Dec 9, 2025

CVE-2025-66532 8.8

This CVE describes a Missing Authorization vulnerability in Mikado-Themes Powerlift WordPress theme that allows attackers to bypass access controls. I...

Dec 9, 2025

CVE-2025-39467 9.8

This CVE describes a path traversal vulnerability in the Mikado-Themes Wanderland WordPress theme that allows attackers to perform local file inclusio...

Nov 6, 2025

CVE-2025-39466 9.8

This vulnerability allows attackers to include and execute arbitrary local PHP files on servers running the vulnerable Mikado-Themes Dør WordPress th...

Nov 6, 2025

CVE-2025-64368 5.4

This CSRF vulnerability in the Bard WordPress theme allows attackers to trick authenticated administrators into performing unintended actions on the W...

Oct 31, 2025

CVE-2025-6252 6.4

The Qi Addons For Elementor WordPress plugin has a stored cross-site scripting (XSS) vulnerability that allows authenticated attackers with Contributo...

Jun 28, 2025

CVE-2025-39494 8.1

This vulnerability allows attackers to include local files on the server through improper filename control in PHP include/require statements. It affec...

May 23, 2025

CVE-2025-1627 5.4

The Qi Blocks WordPress plugin before version 1.4 contains a stored cross-site scripting (XSS) vulnerability. Users with contributor role or higher ca...

May 19, 2025

CVE-2025-1625 5.4

The Qi Blocks WordPress plugin before version 1.4 contains a stored cross-site scripting (XSS) vulnerability in its Counter block. This allows authent...

May 19, 2025

CVE-2024-13699 6.4

The Qi Addons For Elementor WordPress plugin has a stored cross-site scripting vulnerability in the 'cursor' parameter that allows authenticated attac...

Feb 4, 2025

CVE-2024-50457 7.5

This vulnerability allows attackers to include arbitrary local files in WordPress sites using the Qode Essential Addons plugin. Attackers can potentia...

Oct 28, 2024

CVE-2024-4887 7.5

The Qi Addons For Elementor WordPress plugin has a Remote File Inclusion vulnerability that allows authenticated attackers with Contributor-level acce...

Jun 7, 2024

CVE-2024-5221 6.4

The Qi Blocks WordPress plugin has a stored cross-site scripting vulnerability in its file uploader that allows authenticated attackers with Author-le...

Jun 6, 2024

CVE-2023-40333 7.1

This vulnerability allows unauthenticated attackers to inject malicious scripts into web pages via the Bridge Core WordPress plugin. When users visit ...

Sep 27, 2023

Why Monitor Qodeinteractive Security Vulnerabilities?

Real-time CVE tracking: Our automated system monitors 21+ known vulnerabilities affecting Qodeinteractive products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.

Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Qodeinteractive packages in under 60 seconds. No agents required - completely agentless scanning that works across Qodeinteractive deployments.

Free vulnerability database: Access detailed information about every Qodeinteractive CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.

🚀 Get Started in 60 Seconds

Register free account & add your servers
Run one-time scan or schedule automatic monitoring (every 1-24 hours)
Receive instant alerts when new Qodeinteractive CVEs affect your systems
Access dashboard with severity breakdown & fix instructions

Start Monitoring Qodeinteractive CVEs Free