Email Subscribers by Icegram Express Vulnerability – Unauthenticated SQL Injection via hash – CVE-2024-4295 | WordPress Plugin Vulnerability Report

Plugin Name: Email Subscribers by Icegram Express – Email Marketing, Newsletters, Automation for WordPress & WooCommerce Key Information: Software Type: Plugin Software Slug: email-subscribers Software Status: Active Software Author: icegram Software Downloads: 10,659,578 Active Installs: 90,000 Last Updated: June 18, 2024 Patched Versions: 5.7.21 Affected Versions: <= 5.7.20 Vulnerability Details: Name: Email Subscribers by Icegram…

Read More

Email Subscribers by Icegram Express Vulnerability – Email Marketing, Newsletters, Automation for WordPress & WooCommerce – Unauthenticated SQL Injection – CVE-2024-2876 | WordPress Plugin Vulnerability Report

Plugin Name: Email Subscribers by Icegram Express – Email Marketing, Newsletters, Automation for WordPress & WooCommerce Key Information: Software Type: Plugin Software Slug: email-subscribers Software Status: Active Software Author: icegram Software Downloads: 10,452,815 Active Installs: 90,000 Last Updated: April 25, 2024 Patched Versions: 5.7.15 Affected Versions: <= 5.7.14 Vulnerability Details: Name: Icegram Express – Email…

Read More

WordPress Plugin Vulnerability Report – Icegram Express – Email Marketing, Newsletters and Automation for WordPress & WooCommerce – Authenticated Directory Traversal – CVE-2023-5414

Plugin Name: Icegram Express – Email Marketing, Newsletters and Automation for WordPress & WooCommerce Key Information: Software Type: Plugin Software Slug: email-subscribers Software Status: Active Software Author: icegram Software Downloads: 9,788,187 Active Installs: 100,000 Last Updated: October 11, 2023 Patched Versions: 5.6.24 Affected Versions: <= 5.6.23 Vulnerability Details: Name: Icegram Express <= 5.6.23 – Authenticated (Administrator+) Directory Traversal to Arbitrary File Read Type: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H CVE: CVE-2023-5414 CVSS…

Read More