Lucene search
K

5 matches found

NVD
NVD
added 2026/03/31 6:16 a.m.3 views

CVE-2026-1834

The Ibtana – WordPress Website Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'ive' shortcode in all versions up to, and including, 1.2.5.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible fo...

6.4CVSS0.00197EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/03/31 12:0 a.m.9 views

WordPress plugin Ibtana – WordPress Website Builder 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

6.4CVSS6AI score0.00197EPSS
Exploits0References5
Cvelist
Cvelist
added 2024/10/02 9:31 a.m.38 views

CVE-2024-8282 Ibtana – WordPress Website Builder <= 1.2.4.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via align Attribute

The Ibtana – WordPress Website Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘align’ attribute within the 'wp:ive/ive-productscarousel' Gutenberg block in all versions up to, and including, 1.2.4.4 due to insufficient input sanitization and output escaping. Thi...

6.4CVSS0.00311EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2024/10/02 9:31 a.m.13 views

CVE-2024-8282 Ibtana – WordPress Website Builder <= 1.2.4.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via align Attribute

The Ibtana – WordPress Website Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘align’ attribute within the 'wp:ive/ive-productscarousel' Gutenberg block in all versions up to, and including, 1.2.4.4 due to insufficient input sanitization and output escaping. Thi...

6.4CVSS5.8AI score0.00311EPSS
Exploits0References4
CVE
CVE
added 2024/06/18 2:37 a.m.56 views

CVE-2024-5541

CVE-2024-5541 affects the Ibtana – WordPress Website Builder plugin for WordPress (all versions up to 1.2.3.3). Root cause: missing capability check in ibtana_visual_editor_register_ajax_json_endpont, enabling unauthenticated attackers to modify option values (including reCAPTCHA keys). Impact: p...

5.3CVSS5.8AI score0.0046EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder