CVE-2026-1834 in Ibtana Plugin정보

요약 (영어)

The Ibtana – WordPress Website Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'ive' shortcode in all versions up to, and including, 1.2.5.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

Once again VulDB remains the best source for vulnerability data.

책임이 있는

Wordfence

예약하다

2026. 02. 03.

공개

2026. 03. 31.

상태

확인됨

엔트리

VulDB provides additional information and datapoints for this CVE:

아이디	취약성	CWE	악용	대책	CVE
354316	vowelweb Ibtana Plugin Shortcode ive 크로스 사이트 스크립팅	80	정의되지 않음	정의되지 않음	CVE-2026-1834

설명

CPE

CWE

CVSS

익스플로잇

역사

차이

연결하다

위협 인텔리전스

API JSON

API XML

API CSV

출처

◂ 이전개요다음 ▸

Interested in the pricing of exploits?

See the underground prices here!