CubeWP
Imran Tauqeer
Developer
1.1.29
Latest version
4,000
Installations
No date
Last updated
Vulnerability history
1 present
10 patched
5 Mitigation rules
- Unauthenticated Information Exposure vulnerability<= 1.1.2702/02/2026
- Unauthenticated Post Disclosure in class-cubewp-search-ajax-hooks.php vulnerability<= 1.1.2730/01/2026
- Authenticated (Contributor+) Stored Cross-Site Scripting via cubewp_shortcode_taxonomy Shortcode vulnerability<= 1.1.2630/01/2026
- Broken Access Control vulnerability<= 1.1.2726/12/2025
- Cross Site Scripting (XSS) Vulnerability<= 1.1.2622/09/2025
- Privilege Escalation Vulnerability<= 1.1.2419/08/2025
- Cross Site Scripting (XSS) Vulnerability<= 1.1.2312/06/2025
- Authenticated (Subscriber+) Privilege Escalation vulnerability<= 1.1.2311/06/2025
- Cross Site Request Forgery (CSRF) vulnerability<= 1.1.2905/06/2025
- Broken Access Control vulnerability<= 1.1.1509/10/2024
- Arbitrary File Upload vulnerability<= 1.1.1228/03/2024