Kubio AI Page Builder <= 2.5.1 - Local File Inclusion

The Kubio AI Page Builder plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.5.1 via thekubiohybridthemeloadtemplate function. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the...

WordPress Kubio AI Page Builder plugin <= 2.7.2 - Missing Authorization to Authenticated (Contributor+) Limited File Upload via Kubio Block Attributes vulnerability

Missing Authorization to Authenticated Contributor+ Limited File Upload via Kubio Block Attributes vulnerability discovered by oolongeya - Dreamhack in WordPress Plugin Kubio AI Page Builder versions = 2.7.2...

CVE-2026-34887

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Extend Themes Kubio AI Page Builder allows Stored XSS.This issue affects Kubio AI Page Builder: from n/a through 2.7.0...

EUVD-2026-17355

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Extend Themes Kubio AI Page Builder allows Stored XSS.This issue affects Kubio AI Page Builder: from n/a through 2.7.0...

CVE-2026-34887

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Extend Themes Kubio AI Page Builder allows Stored XSS.This issue affects Kubio AI Page Builder: from n/a through 2.7.0...

CVE-2026-34887

CVE-2026-34887 is linked to a Cross Site Scripting (XSS) vulnerability in the WordPress Kubio AI Page Builder plugin, affecting versions

CVE-2026-34887 WordPress Kubio AI Page Builder plugin <= 2.7.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Extend Themes Kubio AI Page Builder allows Stored XSS.This issue affects Kubio AI Page Builder: from n/a through 2.7.0...

CVE-2026-34887 WordPress Kubio AI Page Builder plugin <= 2.7.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Extend Themes Kubio AI Page Builder allows Stored XSS.This issue affects Kubio AI Page Builder: from n/a through 2.7.0...

WordPress Kubio AI Page Builder plugin <= 2.7.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by timomangcut in WordPress Plugin Kubio AI Page Builder versions = 2.7.0...

PT-2026-29218

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Extend Themes Kubio AI Page Builder allows Stored XSS.This issue affects Kubio AI Page Builder: from n/a through 2.7.0...

📄 Kubio AI Page Builder 2.5.1 PHP LFI Extractor Scanner

A local file inclusion vulnerability exists in the function kubiohybridthemeloadtemplate of the Kubio AI Page Builder plugin for WordPress versions less than or equal to 2.5.1. An unauthenticated attacker may include arbitrary files via path traversal. This may lead to sensitive file disclosure a...

EUVD-2024-38166

Malicious code in bioql PyPI...

Exploit for CVE-2025-22294

CVE-2025-2294 – Local File Inclusion LFI в WordPress-плагине...

CVE-2025-8487

CVE-2025-8487 affects Kubio AI Page Builder for WordPress up to version 2.6.3. The vulnerability is caused by a missing capability check on the kubio-image-hub-install-plugin AJAX action, enabling authenticated users with Subscriber-level access and above to install the Image Hub plugin. Exploita...

WordPress plugin Kubio AI Page Builder 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security vulnerability...

WordPress Kubio AI Page Builder plugin <= 2.6.3 - Missing Authorization to Authenticated (Subscriber+) Limited Plugin Installation vulnerability

Missing Authorization to Authenticated Subscriber+ Limited Plugin Installation vulnerability discovered by wesley wcraft in WordPress Plugin Kubio AI Page Builder versions = 2.6.3...

Exploit for CVE-2025-2294

CVE-2025-2294 - WordPress Kubio AI Page Builder Request/Res...

Exploit for CVE-2025-2294

CVE-2025-2294 🚨 CVE-2025-2294 - Local File Inclusion LFI...

CVE-2024-13516

The Kubio AI Page Builder plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'message' parameter in all versions up to, and including, 2.3.5 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitra...

Exploit for CVE-2025-2294

🚨 Kubio AI Page Builder = 2.5.1 - Unauthenticated Local File...