cleantalk
Vulnerabilities and Security Researches

Ibtana – WordPress Website Builder, CVE-2025-26891

CVE, Research URL

CVE-2025-26891

Home page URL

Security reports for Ibtana – WordPress Website Builder

Application

Ibtana – WordPress Website Builder

Published on
Feb 25, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in VW THEMES Ibtana allows Stored XSS. This issue affects Ibtana: from n/a through 1.2.4.9.
Affected versions
max 1.2.4.9.
Status
vulnerable
Previous vulnerability researches
Ibtana – WordPress Website Builder (CVE-2024-37123) , Jun 24, 2024
Ibtana – WordPress Website Builder (CVE-2025-26891) , Feb 27, 2025
Ibtana – WordPress Website Builder (CVE-2022-4674) , Jun 06, 2024
Ibtana – WordPress Website Builder (CVE-2023-6684) , Jun 06, 2024
Ibtana – WordPress Website Builder (CVE-2021-25014) , Jun 06, 2024
New vulnerability
Emailchef (CVE-2026-1930) , Apr 24, 2026
All in One Time Clock Lite – Tracking Employee Time Has Never Been Easier (CVE-2025-6833) , Apr 24, 2026
WP Responsive Popup + Optin (CVE-2026-4131) , Apr 24, 2026
Portfolio Gallery, Product Catalog – Grid KIT Portfolio (CVE-2025-5092) , Apr 24, 2026
Media Library Assistant (CVE-2025-59590) , Apr 24, 2026