Lucene search
VowelwebIbtana
3 matches found
CVE-2024-5541
The Ibtana – WordPress Website Builder plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'ibtana_visual_editor_register_ajax_json_endpont' function in all versions up to, and including, 1.2.3.3. This makes it possible for unauthenticate...
5.3CVSS5.5AI score0.00494EPSS
CVE-2024-37123
Missing Authorization vulnerability in VowelWeb Ibtana allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ibtana: from n/a through 1.2.3.3.
5.3CVSS5.3AI score0.00088EPSS
CVE-2022-4674
The Ibtana WordPress plugin before 1.1.8.8 does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack
5.4CVSS5.3AI score0.00345EPSS