Qode Qi Blocks vulnerabilities

CVE-2025-64383 [MEDIUM] CWE-79 CVE-2025-64383: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Qode Qi Blocks qi-blocks allows Stored XSS.This issue affects Qi Blocks: from n/a through <= 1.4.3.

CVE-2024-49690 [HIGH] CWE-98 CVE-2024-49690: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusio Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Qode Qi Blocks qi-blocks.This issue affects Qi Blocks: from n/a through <= 1.3.2.

CVE-2024-38712 [MEDIUM] CWE-79 CVE-2024-38712: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Qode Qi Blocks qi-blocks.This issue affects Qi Blocks: from n/a through <= 1.3.