cleantalk
Vulnerabilities and Security Researches

Ibtana – WordPress Website Builder, CVE-2025-26891

CVE, Research URL

CVE-2025-26891

Home page URL

Security reports for Ibtana – WordPress Website Builder

Application

Ibtana – WordPress Website Builder

Published on
Feb 25, 2025
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in VW THEMES Ibtana ibtana-visual-editor allows Stored XSS.This issue affects Ibtana: from n/a through <= 1.2.5.9.
Affected versions
max 1.2.5.9.
Status
vulnerable
Previous vulnerability researches
Ibtana &#8211; WordPress Website Builder (CVE-2024-37123) , Jun 24, 2024
Ibtana &#8211; WordPress Website Builder (CVE-2025-59581) , Jun 13, 2026
Ibtana &#8211; WordPress Website Builder (CVE-2025-26891) , Feb 27, 2025
Ibtana &#8211; WordPress Website Builder (CVE-2022-4674) , Jun 06, 2024
Ibtana &#8211; WordPress Website Builder (CVE-2023-6684) , Jun 06, 2024
New vulnerability
AutoMail &#8211; Event-driven Email Automation. Easy email Notification and Auto-reply. (CVE-2023-33999) , Jun 14, 2026
Cozy Blocks &#8211; Page Builder Blocks for FSE and Gutenberg Editor, Gutenberg Blocks, WooCommerce Blocks, Post Blocks, Slider (CVE-2024-50502) , Jun 14, 2026
Cozy Blocks &#8211; Page Builder Blocks for FSE and Gutenberg Editor, Gutenberg Blocks, WooCommerce Blocks, Post Blocks, Slider (CVE-2023-33999) , Jun 14, 2026
WP Sessions Time Monitoring Full Automatic (CVE-2022-4974) , Jun 14, 2026
WP Sessions Time Monitoring Full Automatic (CVE-2023-33999) , Jun 14, 2026