CVE-2025-59581

CVE-2025-59581 - Ibtana (WordPress Website Builder) Missing Authorization vulnerability present in Ibtana, allowing Arbitrary Content Deletion due to improper access control. Affected versions: up to 1.2.5.3 (from n/a to 1.2.5.3). Connected docs corroborate the issue as an access-control weakness...

CVE-2025-59581 WordPress Ibtana Plugin <= 1.2.5.3 - Arbitrary Content Deletion Vulnerability

Missing Authorization vulnerability in VW THEMES Ibtana ibtana-visual-editor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ibtana: from n/a through = 1.2.5.3...

CVE-2025-26891 WordPress Ibtana plugin <= 1.2.5.9 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in VW THEMES Ibtana ibtana-visual-editor allows Stored XSS.This issue affects Ibtana: from n/a through = 1.2.5.9...

WordPress Ibtana plugin <= 1.2.3.3 - Unauthenticated Plugin Settings Update vulnerability

Unauthenticated Plugin Settings Update vulnerability discovered by Peter Thaleikis in WordPress Plugin Ibtana versions = 1.2.3.3...

WordPress Ibtana Plugin <= 1.2.2 is vulnerable to Cross Site Scripting (XSS)

Software Ibtana Type Plugin Vulnerable versions = 1.2.2 Fixed in 1.2.2.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-6684 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 6212e7800b8c Credits István Márton Required privileg...

WordPress Ibtana plugin <= 1.1.4.8 - Plugin Settings Update vulnerability leading to Stored Cross-Site Scripting (XSS)

Plugin Settings Update vulnerability leading to Stored Cross-Site Scripting XSS discovered by Krzysztof Zając in WordPress Ibtana plugin versions = 1.1.4.8. Solution Update the WordPress Ibtana plugin to the latest available version at least 1.1.4.9...