Every CVE whose affected-product data names Qudata Qubot, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2023-2399 — CVSS 6.1 (medium): The QuBot WordPress plugin before 1.1.6 doesn't filter user input on chat, leading to bad code inserted on it be reflected on the user…
CVE-2023-2401 — CVSS 4.8 (medium): The QuBot WordPress plugin before 1.1.6 does not sanitise and escape some of its settings, which could allow high privilege users such as…