CubeWP
Imran Tauqeer
Developer
1.1.29
Latest version
4,000
Installations
No date
Last updated
Vulnerability history
1 present
10 fixed
5 Mitigation rules
- Unauthenticated Information Exposure vulnerability<= 1.1.276 days ago
- Unauthenticated Post Disclosure in class-cubewp-search-ajax-hooks.php vulnerability<= 1.1.27Jan 30, 2026
- Authenticated (Contributor+) Stored Cross-Site Scripting via cubewp_shortcode_taxonomy Shortcode vulnerability<= 1.1.26Jan 30, 2026
- Broken Access Control vulnerability<= 1.1.27Dec 26, 2025
- Cross Site Scripting (XSS) Vulnerability<= 1.1.26Sep 22, 2025
- Privilege Escalation Vulnerability<= 1.1.24Aug 19, 2025
- Cross Site Scripting (XSS) Vulnerability<= 1.1.23Jun 12, 2025
- Authenticated (Subscriber+) Privilege Escalation vulnerability<= 1.1.23Jun 11, 2025
- Cross Site Request Forgery (CSRF) vulnerability<= 1.1.29Jun 5, 2025
- Broken Access Control vulnerability<= 1.1.15Oct 9, 2024
- Arbitrary File Upload vulnerability<= 1.1.12Mar 28, 2024