WordPress Qubely < 1.8.6 - Unauthenticated Email Sending

Qubely WordPress plugin 1.8.6 contains an insecure deserialization caused by unauthenticated users being able to send arbitrary emails via the qubelysendformdata AJAX action, letting attackers send spam or malicious emails, exploit requires no authentication. id: CVE-2021-24916 info: name:...

CVE-2026-39638

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themeum Qubely qubely allows Stored XSS.This issue affects Qubely: from n/a through = 1.8.14...

EUVD-2026-20296

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themeum Qubely qubely allows Stored XSS.This issue affects Qubely: from n/a through = 1.8.14...

CVE-2026-39638

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themeum Qubely qubely allows Stored XSS.This issue affects Qubely: from n/a through = 1.8.14...

CVE-2026-39638

Vulnerability summary: CVE-2026-39638 affects the WordPress Qubely plugin (Themeum Qubely qubely) with a Stored XSS due to improper neutralization of input during web page generation. Affected version range is Qubely from n/a through

CVE-2026-39638

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themeum Qubely qubely allows Stored XSS.This issue affects Qubely: from n/a through = 1.8.14...

CVE-2026-39638 WordPress Qubely plugin <= 1.8.14 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themeum Qubely qubely allows Stored XSS.This issue affects Qubely: from n/a through = 1.8.14...

CVE-2026-39638 WordPress Qubely plugin <= 1.8.14 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themeum Qubely qubely allows Stored XSS.This issue affects Qubely: from n/a through = 1.8.14...

WordPress plugin Qubely 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

PT-2026-31203

CVE-2026-39638 Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themeum Qubely qubely allows Stored XSS.This issue affects Qubel… https://t.co/Tq611HF5Pc...

WordPress Qubely plugin <= 1.8.12 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'align' and 'UniqueID' vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via 'align' and 'UniqueID' vulnerability discovered by Nishiv - Developer in WordPress Plugin Qubely versions = 1.8.12...

EUVD-2021-11828

Malware in sbrugna...

EUVD-2021-11925

Malware in sbrugna...

EUVD-2023-12437

Malicious code in bioql PyPI...

EUVD-2025-30540

Malicious code in bioql PyPI...

EUVD-2025-4905

Malicious code in bioql PyPI...

EUVD-2025-30561

Malicious code in bioql PyPI...

EUVD-2025-4240

Malicious code in bioql PyPI...

CVE-2025-58663

Missing Authorization vulnerability in Themeum Qubely qubely allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Qubely: from n/a through = 1.8.14...

CVE-2025-58249

Insertion of Sensitive Information Into Sent Data vulnerability in Themeum Qubely qubely allows Retrieve Embedded Sensitive Data.This issue affects Qubely: from n/a through = 1.8.14...