4 matches found
CVE-2025-26767 WordPress Qubely plugin <= 1.8.12 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themeum Qubely qubely allows Stored XSS.This issue affects Qubely: from n/a through = 1.8.12...
CVE-2025-26767
CVE-2025-26767 affects WordPress plugin Qubely – Advanced Gutenberg Blocks (versions from n/a through 1.8.12). The issue is caused by improper neutralization of input during web page generation, enabling Stored XSS. Affected component: Qubely blocks code path that renders pages can store maliciou...
WordPress Qubely – Advanced Gutenberg Blocks Plugin < 1.8.6 is vulnerable to Broken Access Control
Software Qubely – Advanced Gutenberg Blocks Type Plugin Vulnerable versions 1.8.6 Fixed in 1.8.6 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2021-24916 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 1d0a581ca7d3 Credits Krzysztof...
WordPress Qubely – Advanced Gutenberg Blocks Plugin <= 1.8.4 is vulnerable to Cross Site Scripting (XSS)
Software Qubely – Advanced Gutenberg Blocks Type Plugin Vulnerable versions = 1.8.4 Fixed in 1.8.5 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-0376 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 1329c46c6231 Credits...