CVE-2026-39638

Vulnerability summary: CVE-2026-39638 affects the WordPress Qubely plugin (Themeum Qubely qubely) with a Stored XSS due to improper neutralization of input during web page generation. Affected version range is Qubely from n/a through

CVE-2026-39638 WordPress Qubely plugin <= 1.8.14 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themeum Qubely qubely allows Stored XSS.This issue affects Qubely: from n/a through = 1.8.14...

CVE-2025-58249 WordPress Qubely Plugin <= 1.8.14 - Sensitive Data Exposure Vulnerability

Insertion of Sensitive Information Into Sent Data vulnerability in Themeum Qubely qubely allows Retrieve Embedded Sensitive Data.This issue affects Qubely: from n/a through = 1.8.14...

CVE-2025-58249

CVE-2025-58249 involves Themeum Qubely (qubely) for WordPress, described as an Insertion of Sensitive Information Into Sent Data vulnerability that can lead to retrieval of embedded sensitive data. Affected product/version range stated as Qubely: from n/a through

CVE-2025-58249 WordPress Qubely Plugin <= 1.8.14 - Sensitive Data Exposure Vulnerability

Insertion of Sensitive Information Into Sent Data vulnerability in Themeum Qubely qubely allows Retrieve Embedded Sensitive Data.This issue affects Qubely: from n/a through = 1.8.14...

CVE-2025-58663 WordPress Qubely Plugin <= 1.8.14 - Broken Access Control Vulnerability

Missing Authorization vulnerability in Themeum Qubely qubely allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Qubely: from n/a through = 1.8.14...

WordPress plugin Qubely – Advanced Gutenberg Blocks 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A cross-site scripting vulnerability exists in WordPress...

WordPress Qubely – Advanced Gutenberg Blocks Plugin < 1.8.6 is vulnerable to Broken Access Control

Software Qubely – Advanced Gutenberg Blocks Type Plugin Vulnerable versions 1.8.6 Fixed in 1.8.6 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2021-24916 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 1d0a581ca7d3 Credits Krzysztof...

WordPress Qubely – Advanced Gutenberg Blocks Plugin <= 1.8.4 is vulnerable to Cross Site Scripting (XSS)

Software Qubely – Advanced Gutenberg Blocks Type Plugin Vulnerable versions = 1.8.4 Fixed in 1.8.5 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-0376 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 1329c46c6231 Credits...