Extendthemes Kubio Ai Page Builder
5 CVEs affecting Extendthemes Kubio Ai Page Builder. Latest disclosed: 2026-04-17. Critical: 1, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-2294 | Critical | 9.8 | 2025-03-28 | The Kubio AI Page Builder plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.5.1 via thekubio_hybrid_theme_load… |
CVE-2024-39661 | Medium | 6.5 | 2024-08-01 | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in ExtendThemes Kubio AI Page Builder.This issue affe… |
CVE-2024-13516 | Medium | 6.1 | 2025-01-18 | The Kubio AI Page Builder plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'message' parameter in all versions up to, and including… |
CVE-2025-8487 | Medium | 5.4 | 2025-09-19 | The Kubio AI Page Builder plugin for WordPress is vulnerable to unauthorized plugin installation due to a missing capability check on the kubio-image-hub-insta… |
CVE-2026-5427 | Medium | 5.3 | 2026-04-17 | The Kubio plugin for WordPress is vulnerable to Arbitrary File Upload in versions up to and including 2.7.2. This is due to insufficient capability checks in t… |