Medium 6.5
2025-09-22< 1.2.5.4
Ibtana <= 1.2.5.3 - Missing Authorization to Authenticated (Contributor+) Arbitrary Content Deletion
Ibtana – WordPress Website Builder
Minimum safe version
1.2.5.8
Update to 1.2.5.8 or later to address 9 fixable vulnerabilities
Latest available1.2.6.2 ✓⚠ 1 vulnerability has no fix
N/A
2025-11-19< 1.2.5.2
Multiple Plugins and Themes <= (Various Versions) - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting via lightGallery JavaScript Library
N/A
2026-03-30< 1.2.5.8
Ibtana - WordPress Website Builder <= 1.2.5.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
Medium 6.5 Unfixed
2025-02-25≤ 1.2.5.9
WordPress Ibtana plugin <= 1.2.5.9 - Cross Site Scripting (XSS) vulnerability
Medium 5.4
2024-10-02< 1.2.4.5
CVE-2024-8282
Medium 5.3
2024-11-01< 1.2.3.4
CVE-2024-37123
Medium 5.3
2024-06-18< 1.2.3.4
CVE-2024-5541
Medium 5.4
2024-01-11< 1.2.2.1
CVE-2023-6684
Medium 5.4
2023-02-06< 1.1.8.8
CVE-2022-4674
Low 3.5
2022-02-14< 1.1.4.9
CVE-2021-25014