Every CVE whose affected-product data names Vowelweb Ibtana, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2023-6684 — CVSS 6.4 (medium): The Ibtana – WordPress Website Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'ive' shortcode in…
CVE-2024-8282 — CVSS 6.4 (medium): The Ibtana – WordPress Website Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘align’ attribute…
CVE-2022-4674 — CVSS 5.4 (medium): The Ibtana WordPress plugin before 1.1.8.8 does not validate and escape one of its shortcode attributes, which could allow users with a…
CVE-2024-5541 — CVSS 5.3 (medium): The Ibtana – WordPress Website Builder plugin for WordPress is vulnerable to unauthorized modification of data due to a missing…
CVE-2021-25014 — CVSS 3.5 (low): The Ibtana WordPress plugin before 1.1.4.9 does not have authorisation and CSRF checks in the ive_save_general_settings AJAX action…