23Eki
CVE-2024-49690 | Qode Interactive Qi Blocks Plugin up to 1.3.2 on WordPress Include/Require filename control
A vulnerability, which was classified as problematic, was found in Qode Interactive Qi Blocks Plugin up to 1.3.2 on WordPress. Affected is an unknown function of the file Include/Require. The manipulation leads to improper control of filename for include/require statement in php program ('php remote file inclusion'). This vulnerability is traded as CVE-2024-49690. It is possible to launch the attack remotely. There is no exploit available.