vowelweb Ibtana for WordPress

Submit a proposal Propose CVE/GCVE/GHSA reference

Approved changes feed: RSS · Atom

cpe:2.3:a:vowelweb:ibtana:-:*:*:*:*:wordpress:*:*

part: a version: - update: *

VendorVowelweb (6b3ec13a-3305-51c8-b370-06176a2722f1)
ProductIbtana (11a5df07-db19-5f3a-bda5-a3b3ea8e1814)
Edition*
Language*
Software edition*
Target softwarewordpress
Target hardware*
Other*
NotesImported from NVD CPE 2.0 feed

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2024-8282 vulnerable 2026-06-08 07:00:24.038713 Ibtana – WordPress Website Builder <= 1.2.4.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via align Attribute
MEDIUM (6.4)
The Ibtana – WordPress Website Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘align’ attribute within the 'wp:ive/ive-productscarousel' Gutenberg block in all versions up to, and including, 1.2.4.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Published: 2024-10-02T09:31:59.026Z
Updated: 2026-04-08T16:34:36.174Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2024-37123 vulnerable 2026-06-08 06:39:46.649325 WordPress Ibtana – WordPress Website Builder plugin <= 1.2.3.3 - Broken Access Control vulnerability
MEDIUM (5.3)
Missing Authorization vulnerability in VowelWeb Ibtana allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ibtana: from n/a through 1.2.3.3.
Published: 2024-11-01T14:18:36.104Z
Updated: 2026-04-28T16:09:56.408Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.