Vulnerabilities > Themeum > Qubely > 1.8.6
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-03-11 | CVE-2024-13228 | Privacy Violation vulnerability in Themeum Qubely The Qubely – Advanced Gutenberg Blocks plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.8.13 via the 'qubely_get_content'. | 6.5 |
| 2025-02-16 | CVE-2025-26767 | Cross-site Scripting vulnerability in Themeum Qubely Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themeum Qubely – Advanced Gutenberg Blocks allows Stored XSS. | 5.4 |
| 2025-02-14 | CVE-2024-9601 | Cross-site Scripting vulnerability in Themeum Qubely The Qubely – Advanced Gutenberg Blocks plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘align’ and 'UniqueID' parameter in all versions up to, and including, 1.8.12 due to insufficient input sanitization and output escaping. | 5.4 |