WordPress Qubely < 1.8.6 - Unauthenticated Email Sending

Qubely WordPress plugin 1.8.6 contains an insecure deserialization caused by unauthenticated users being able to send arbitrary emails via the qubelysendformdata AJAX action, letting attackers send spam or malicious emails, exploit requires no authentication. id: CVE-2021-24916 info: name:...

CVE-2026-39638

Vulnerability summary: CVE-2026-39638 affects the WordPress Qubely plugin (Themeum Qubely qubely) with a Stored XSS due to improper neutralization of input during web page generation. Affected version range is Qubely from n/a through

WordPress plugin Qubely 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

EUVD-2021-11828

Malware in sbrugna...

EUVD-2023-12437

Malicious code in bioql PyPI...

EUVD-2025-4905

Malicious code in bioql PyPI...

WordPress Qubely Plugin <= 1.8.14 - Sensitive Data Exposure Vulnerability

Sensitive Data Exposure Vulnerability discovered by Abu Hurayra in WordPress Plugin Qubely versions = 1.8.14...

WordPress Qubely Plugin <= 1.8.14 - Broken Access Control Vulnerability

Broken Access Control Vulnerability discovered by Denver Jackson in WordPress Plugin Qubely versions = 1.8.14...

CVE-2025-58249 WordPress Qubely Plugin <= 1.8.14 - Sensitive Data Exposure Vulnerability

Insertion of Sensitive Information Into Sent Data vulnerability in Themeum Qubely qubely allows Retrieve Embedded Sensitive Data.This issue affects Qubely: from n/a through = 1.8.14...

CVE-2025-58249 WordPress Qubely Plugin <= 1.8.14 - Sensitive Data Exposure Vulnerability

Insertion of Sensitive Information Into Sent Data vulnerability in Themeum Qubely qubely allows Retrieve Embedded Sensitive Data.This issue affects Qubely: from n/a through = 1.8.14...

CVE-2025-58663 WordPress Qubely Plugin <= 1.8.14 - Broken Access Control Vulnerability

Missing Authorization vulnerability in Themeum Qubely qubely allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Qubely: from n/a through = 1.8.14...

CVE-2025-58663

CVE-2025-58663 (Qubely – WordPress) details: Affected software: Qubely (Advanced Gutenberg Blocks) up to version 1.8.14. Root cause: Missing Authorization due to incorrectly configured access control security levels. Consequence: The vulnerability is described as a Missing Authorization issue tha...

WordPress plugin Qubely 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...

CVE-2021-24916

The Qubely WordPress plugin before 1.8.6 allows unauthenticated user to send arbitrary e-mails to arbitrary addresses via the qubelysendformdata AJAX action...

CVE-2024-13228

The Qubely – Advanced Gutenberg Blocks plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.8.13 via the 'qubelygetcontent'. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive...

CVE-2024-13228

The Qubely – Advanced Gutenberg Blocks plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.8.13 via the 'qubelygetcontent'. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive...

CVE-2024-13228

The Qubely – Advanced Gutenberg Blocks plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.8.13 via the 'qubelygetcontent'. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive...

CVE-2024-13228 Qubely – Advanced Gutenberg Blocks <= 1.8.13 - Authenticated (Contributor+) Sensitive Information Exposure via qubely_get_content

The Qubely – Advanced Gutenberg Blocks plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.8.13 via the 'qubelygetcontent'. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive...

CVE-2024-13228 Qubely – Advanced Gutenberg Blocks <= 1.8.13 - Authenticated (Contributor+) Sensitive Information Exposure via qubely_get_content

The Qubely – Advanced Gutenberg Blocks plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.8.13 via the 'qubelygetcontent'. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive...

PT-2025-10699 · WordPress · Qubely

Name of the Vulnerable Software and Affected Versions: Qubely – Advanced Gutenberg Blocks plugin for WordPress versions up to and including 1.8.13 Description: The issue allows authenticated attackers with Contributor-level access or higher to extract sensitive data from private, pending,...