Icegram
icegram
45 CVEs • 6 products
Products (6)
Click to collapseToggle
Products (6)
Click to collapse
CVEs (45)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
The icegram plugin before 1.9.19 for WordPress has CSRF via the wp-admin/edit.php option_name parameter. |
The icegram plugin before 1.10.29 for WordPress has ig_cat_list XSS. |
1Icegram 1Email Subscribers & Newsletters Nov 21, 2024 Jul 28, 2019 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 An XSS vulnerability in the "Email Subscribers & Newsletters" plugin 4.1.6 for WordPress allows an attacker to inject malicious JavaScript code through a publicly available subscription form using the esfpx_name wp-admin...Show more |
1Icegram 1Email Subscribers & Newsletters Nov 21, 2024 Jul 19, 2019 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 A SQL injection vulnerability exists in the Icegram Email Subscribers & Newsletters plugin through 4.1.7 for WordPress. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL...Show more |
1Icegram 1Email Subscribers & Newsletters Nov 21, 2024 Jan 26, 2018 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 An issue was discovered in the "Email Subscribers & Newsletters" plugin before 3.4.8 for WordPress. Sending an HTTP POST request to a URI with /?es=export at the end, and adding option=view_all_subscribers in the body, a...Show more |