{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-1834", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2026-02-03T15:03:42.190Z", "datePublished": "2026-03-31T05:28:51.970Z", "dateUpdated": "2026-03-31T13:13:41.611Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-03-31T05:28:51.970Z"}, "affected": [{"vendor": "vowelweb", "product": "Ibtana \u2013 WordPress Website Builder", "versions": [{"version": "*", "status": "affected", "lessThanOrEqual": "1.2.5.7", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The Ibtana \u2013 WordPress Website Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'ive' shortcode in all versions up to, and including, 1.2.5.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."}], "title": "Ibtana - WordPress Website Builder <= 1.2.5.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b6a54d91-da79-43a3-affd-e8026e342d95?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/ibtana-visual-editor/tags/1.2.5.6/ive-countdown.php#L402"}, {"url": "https://plugins.trac.wordpress.org/browser/ibtana-visual-editor/tags/1.2.5.6/ive-countdown.php#L637"}, {"url": "https://plugins.trac.wordpress.org/browser/ibtana-visual-editor/tags/1.2.5.6/ive-countdown.php#L777"}, {"url": "https://plugins.trac.wordpress.org/changeset/3485257/ibtana-visual-editor"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-80 Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)", "cweId": "CWE-80", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", "baseScore": 6.4, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "Muhammad Yudha - DJ"}], "timeline": [{"time": "2026-03-30T16:30:19.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-31T13:04:17.481398Z", "id": "CVE-2026-1834", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-31T13:13:41.611Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-1834", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-31T13:04:17.481398Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-31T13:04:49.710Z"}}], "cna": {"title": "Ibtana - WordPress Website Builder <= 1.2.5.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode", "credits": [{"lang": "en", "type": "finder", "value": "Muhammad Yudha - DJ"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 6.4, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N"}}], "affected": [{"vendor": "vowelweb", "product": "Ibtana \u2013 WordPress Website Builder", "versions": [{"status": "affected", "version": "*", "versionType": "semver", "lessThanOrEqual": "1.2.5.7"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2026-03-30T16:30:19.000Z", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b6a54d91-da79-43a3-affd-e8026e342d95?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/ibtana-visual-editor/tags/1.2.5.6/ive-countdown.php#L402"}, {"url": "https://plugins.trac.wordpress.org/browser/ibtana-visual-editor/tags/1.2.5.6/ive-countdown.php#L637"}, {"url": "https://plugins.trac.wordpress.org/browser/ibtana-visual-editor/tags/1.2.5.6/ive-countdown.php#L777"}, {"url": "https://plugins.trac.wordpress.org/changeset/3485257/ibtana-visual-editor"}], "descriptions": [{"lang": "en", "value": "The Ibtana \u2013 WordPress Website Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'ive' shortcode in all versions up to, and including, 1.2.5.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-80", "description": "CWE-80 Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-03-31T05:28:51.970Z"}}}, "cveMetadata": {"cveId": "CVE-2026-1834", "state": "PUBLISHED", "dateUpdated": "2026-03-31T13:13:41.611Z", "dateReserved": "2026-02-03T15:03:42.190Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2026-03-31T05:28:51.970Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "The Ibtana \u2013 WordPress Website Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'ive' shortcode in all versions up to, and including, 1.2.5.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."}, {"lang": "es", "value": "El plugin Ibtana \u2013 WordPress Website Builder para WordPress es vulnerable a cross-site scripting almacenado a trav\u00e9s del shortcode 'ive' del plugin en todas las versiones hasta la 1.2.5.7, inclusive, debido a la sanitizaci\u00f3n insuficiente de la entrada y al escape de la salida en los atributos proporcionados por el usuario. Esto permite a atacantes autenticados, con acceso de nivel de colaborador y superior, inyectar scripts web arbitrarios en p\u00e1ginas que se ejecutar\u00e1n cada vez que un usuario acceda a una p\u00e1gina inyectada."}], "id": "CVE-2026-1834", "lastModified": "2026-04-01T14:24:02.583", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 3.1, "impactScore": 2.7, "source": "security@wordfence.com", "type": "Primary"}]}, "published": "2026-03-31T06:16:00.337", "references": [{"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/ibtana-visual-editor/tags/1.2.5.6/ive-countdown.php#L402"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/ibtana-visual-editor/tags/1.2.5.6/ive-countdown.php#L637"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/browser/ibtana-visual-editor/tags/1.2.5.6/ive-countdown.php#L777"}, {"source": "security@wordfence.com", "url": "https://plugins.trac.wordpress.org/changeset/3485257/ibtana-visual-editor"}, {"source": "security@wordfence.com", "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/b6a54d91-da79-43a3-affd-e8026e342d95?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-80"}], "source": "security@wordfence.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,1.2.5.7]"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "Ibtana \u2013 WordPress Website Builder", "source": "cna", "vendor": "vowelweb"}, "product": "ibtana_\u2013_wordpress_website_builder", "vendor": "vowelweb"}, {"configurations": [{"platform": null, "status": "unaffected", "versions": null}], "enrichment": {"confidence": 80.0, "confidence_source": "inferred", "scores": [{"score": 80.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "product": "wordpress", "vendor": "wordpress"}], "analysis": {"en": {"generated_at": "2026-03-31T07:21:36.992950+00:00", "value": {"mitigation_remediation": ["Update the Ibtana \u2013 WordPress Website Builder plugin to version 1.2.6 or later", "If an update is unavailable, disable or remove the 'ive' shortcode from all posts and pages", "Restrict contributor\u2011level and higher roles to trusted users only", "Review and sanitize existing content for injected scripts", "Monitor the website for abnormal JavaScript execution or new content"], "summary": {"action": "Patch Immediately", "impact": "Stored Cross\u2011Site Scripting"}, "threat_synthesis": {"affected_systems": "The vulnerability affects the Ibtana \u2013 WordPress Website Builder plugin for WordPress, supplied by vowelweb. All versions from the initial release through 1.2.5.7 are impacted. Any WordPress site that has this plugin enabled, with users that have contributor or higher privileges, is at risk.", "description_and_impact": "The Ibtana \u2013 WordPress Website Builder plugin contains a stored cross\u2011site scripting flaw. In every release up to and including 1.2.5.7 the 'ive' shortcode processes user\u2011supplied attributes without proper sanitization or escaping. An attacker who can authenticate as a contributor or higher role can inject arbitrary JavaScript into a page. When another visitor opens that page the injected script runs in the visitor\u2019s browser, potentially stealing credentials, redirecting to malicious sites or displaying unwanted content.", "risk_and_exploitability": "The CVSS score of 6.4 indicates a moderate severity. With no publicly reported exploit data or EPSS score, the exploitation probability is unclear, but the vulnerability requires an authenticated user with contributor access or higher, which many site administrators grant. Because the attack injects code that executes for all users who view the page, untrusted content can be shown to visitors, leading to data theft or fraud. Site owners should treat this as a medium\u2011to\u2011high risk until a patch is applied."}}}}, "created": "2026-03-31T19:56:13.864251+00:00", "updated": "2026-03-31T20:39:29.696465+00:00", "vendors": ["vowelweb", "vowelweb$PRODUCT$ibtana_\u2013_wordpress_website_builder", "wordpress", "wordpress$PRODUCT$wordpress"]}