24 matches found
Kubio AI Page Builder <= 2.5.1 - Local File Inclusion
The Kubio AI Page Builder plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.5.1 via thekubiohybridthemeloadtemplate function. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the...
EUVD-2026-17355
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Extend Themes Kubio AI Page Builder allows Stored XSS.This issue affects Kubio AI Page Builder: from n/a through 2.7.0...
📄 Kubio AI Page Builder 2.5.1 PHP LFI Extractor Scanner
A local file inclusion vulnerability exists in the function kubiohybridthemeloadtemplate of the Kubio AI Page Builder plugin for WordPress versions less than or equal to 2.5.1. An unauthenticated attacker may include arbitrary files via path traversal. This may lead to sensitive file disclosure a...
EUVD-2024-38166
Malicious code in bioql PyPI...
Exploit for CVE-2025-22294
CVE-2025-2294 – Local File Inclusion LFI в WordPress-плагине...
CVE-2025-8487
CVE-2025-8487 affects Kubio AI Page Builder for WordPress up to version 2.6.3. The vulnerability is caused by a missing capability check on the kubio-image-hub-install-plugin AJAX action, enabling authenticated users with Subscriber-level access and above to install the Image Hub plugin. Exploita...
Exploit for CVE-2025-2294
CVE-2025-2294 🚨 CVE-2025-2294 - Local File Inclusion LFI...
CVE-2024-5819
The Gutenberg Blocks with AI by Kadence WP – Page Builder Features plugin for WordPress is vulnerable to DOM-based Stored Cross-Site Scripting via HTML data attributes in all versions up to, and including, 3.2.45 due to insufficient input sanitization and output escaping on user supplied...
CVE-2024-13516
The Kubio AI Page Builder plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'message' parameter in all versions up to, and including, 2.3.5 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitra...
Exploit for CVE-2025-2294
🚨 Kubio AI Page Builder = 2.5.1 - Unauthenticated Local File...
📄 Kubio AI Page Builder 2.5.1 Local File Inclusion
Kubio AI Page Builder versions 2.5.1 and below suffer from a local file inclusion vulnerability. Exploit Title: Kubio AI Page Builder = 2.5.1 - Local File Inclusion LFI Date: 2025-04-04 Exploit Author: Sheikh Mohammad Hasan https://github.com/4m3rr0r Vendor Homepage:...
Kubio AI Page Builder 2.5.1 - Local File Inclusion (LFI)
Exploit Title: Kubio AI Page Builder = 2.5.1 - Local File Inclusion LFI Date: 2025-04-04 Exploit Author: Sheikh Mohammad Hasan https://github.com/4m3rr0r Vendor Homepage: https://wordpress.org/plugins/kubio/ Software Link: https://downloads.wordpress.org/plugin/kubio.2.5.1.zip Reference:...
CVE-2025-2294
The Kubio AI Page Builder plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.5.1 via thekubiohybridthemeloadtemplate function. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the...
CVE-2025-2294 Kubio AI Page Builder <= 2.5.1 - Unauthenticated Local File Inclusion
The Kubio AI Page Builder plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.5.1 via thekubiohybridthemeloadtemplate function. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the...
CVE-2025-2294 Kubio AI Page Builder <= 2.5.1 - Unauthenticated Local File Inclusion
The Kubio AI Page Builder plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.5.1 via thekubiohybridthemeloadtemplate function. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the...
WordPress plugin Kubio AI Page Builder 路径遍历漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A path traversal...
Exploit for CVE-2025-2294
🚨 Kubio AI Page Builder = 2.5.1 - Unauthenticated Local File...
CVE-2024-13516
CVE-2024-13516 affects Kubio AI Page Builder for WordPress. Connected documents confirm a Reflected Cross-Site Scripting flaw exploitable via the message parameter in all versions up to 2.3.5, with unauthenticated user interaction required to trigger execution of injected scripts. The issue is ca...
CVE-2024-13516 Kubio AI Page Builder <= 2.3.5 - Reflected Cross-Site Scripting
The Kubio AI Page Builder plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'message' parameter in all versions up to, and including, 2.3.5 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitra...
CVE-2024-13516 Kubio AI Page Builder <= 2.3.5 - Reflected Cross-Site Scripting
The Kubio AI Page Builder plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'message' parameter in all versions up to, and including, 2.3.5 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitra...