CVE-2026-39638

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themeum Qubely qubely allows Stored XSS.This issue affects Qubely: from n/a through = 1.8.14...

CVE-2026-39638

Vulnerability summary: CVE-2026-39638 affects the WordPress Qubely plugin (Themeum Qubely qubely) with a Stored XSS due to improper neutralization of input during web page generation. Affected version range is Qubely from n/a through

CVE-2026-39638 WordPress Qubely plugin <= 1.8.14 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themeum Qubely qubely allows Stored XSS.This issue affects Qubely: from n/a through = 1.8.14...

PT-2026-31203

CVE-2026-39638 Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themeum Qubely qubely allows Stored XSS.This issue affects Qubel… https://t.co/Tq611HF5Pc...

CVE-2025-14449

The BA Book Everything plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's babe-search-form shortcode in all versions up to, and including, 1.8.14 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVE-2025-14449 BA Book Everything <= 1.8.14 - Authenticated (Contributor+) Stored Cross-Site Scripting via babe-search-form Shortcode

The BA Book Everything plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's babe-search-form shortcode in all versions up to, and including, 1.8.14 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVE-2025-14449

The BA Book Everything WordPress plugin (BA Book Everything) has a Stored XSS via the babe-search-form shortcode in all versions up to 1.8.14. Exploitation requires authenticated access at Contributor level or higher; scripts can run when users view an injected page. Wordfence notes the vulnerabi...

PT-2025-52420

The BA Book Everything plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's babe-search-form shortcode in all versions up to, and including, 1.8.14 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

WordPress BA Book Everything plugin <= 1.8.14 - Authenticated (Contributor+) Stored Cross-Site Scripting via babe-search-form Shortcode vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via babe-search-form Shortcode vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin BA Book Everything versions = 1.8.14...

EUVD-2021-1172

Malware in sbrugna...

EUVD-2025-30540

Malicious code in bioql PyPI...

EUVD-2025-30561

Malicious code in bioql PyPI...

CVE-2025-58663

Missing Authorization vulnerability in Themeum Qubely qubely allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Qubely: from n/a through = 1.8.14...

CVE-2025-58249

Insertion of Sensitive Information Into Sent Data vulnerability in Themeum Qubely qubely allows Retrieve Embedded Sensitive Data.This issue affects Qubely: from n/a through = 1.8.14...

CVE-2025-58249

Insertion of Sensitive Information Into Sent Data vulnerability in Themeum Qubely qubely allows Retrieve Embedded Sensitive Data.This issue affects Qubely: from n/a through = 1.8.14...

WordPress Qubely Plugin <= 1.8.14 - Sensitive Data Exposure Vulnerability

Sensitive Data Exposure Vulnerability discovered by Abu Hurayra in WordPress Plugin Qubely versions = 1.8.14...

CVE-2025-58249

CVE-2025-58249 involves Themeum Qubely (qubely) for WordPress, described as an Insertion of Sensitive Information Into Sent Data vulnerability that can lead to retrieval of embedded sensitive data. Affected product/version range stated as Qubely: from n/a through

CVE-2025-58249 WordPress Qubely Plugin <= 1.8.14 - Sensitive Data Exposure Vulnerability

Insertion of Sensitive Information Into Sent Data vulnerability in Themeum Qubely qubely allows Retrieve Embedded Sensitive Data.This issue affects Qubely: from n/a through = 1.8.14...

CVE-2025-58663 WordPress Qubely Plugin <= 1.8.14 - Broken Access Control Vulnerability

Missing Authorization vulnerability in Themeum Qubely qubely allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Qubely: from n/a through = 1.8.14...

CVE-2025-58663 WordPress Qubely Plugin <= 1.8.14 - Broken Access Control Vulnerability

Missing Authorization vulnerability in Themeum Qubely qubely allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Qubely: from n/a through = 1.8.14...