Vulnerabilidades em icegram

34 resultados

CVE-2024-2876CRITICALIcegram Express - Email Subscribers, Newsletters and Marketing Automation Plugin <= 5.7.14 - Unauthenticated SQL InjectionEPSS 80.6%CVE-2024-4295CRITICALEmail Subscribers by Icegram Express <= 5.7.20 - Unauthenticated SQL Injection via hashEPSS 10.2%CVE-2018-0602—Cross-site scripting vulnerability in Email Subscribers & Newsletters versions prior to 3.5.0 allows remote attackers to inject arbitrary weEPSS 1.2%CVE-2024-6172CRITICALEmail Subscribers by Icegram Express – Email Marketing, Newsletters, Automation for WordPress & WooCommerce <= 5.7.25 - Unauthenticated SQL Injection via unsubscribeEPSS 1.1%CVE-2023-5414CRITICALIcegram Express <= 5.6.23 - Authenticated (Administrator+) Directory Traversal to Arbitrary File ReadEPSS 1.0%CVE-2024-5756CRITICALIcegram Express - Email Subscribers, Newsletters and Marketing Automation Plugin <= 5.7.23 - Unauthenticated SQL Injection via optinEPSS 0.7%CVE-2022-45810MEDIUMWordPress Email Subscribers & Newsletters Plugin <= 5.5.2 is vulnerable to CSV InjectionEPSS 0.6%CVE-2021-36832MEDIUMWordPress Icegram plugin <= 2.0.2 - Authenticated Stored Cross-Site Scripting (XSS) vulnerabilityEPSS 0.6%CVE-2024-37252CRITICALWordPress Email Subscribers by Icegram Express plugin <= 5.7.25 - SQL Injection vulnerabilityEPSS 0.5%CVE-2024-8254MEDIUMEmail Subscribers by Icegram Express – Email Marketing, Newsletters, Automation for WordPress & WooCommerce <= 5.7.34 - Authenticated (Subscriber+) Arbitrary Shortcode ExecutionEPSS 0.5%CVE-2024-4845HIGHIcegram Express <= 5.7.22 - Authenticated (Subscriber+) SQL Injection Vulnerability via options[list_id]EPSS 0.5%CVE-2023-25024MEDIUMWordPress Icegram Collect plugin <= 1.3.8 is vulnerable to Cross Site Scripting (XSS)EPSS 0.4%CVE-2024-22300HIGHWordPress Icegram Express plugin <= 5.7.11 - Reflected Cross Site Scripting (XSS) vulnerabilityEPSS 0.4%CVE-2024-43273MEDIUMWordPress Icegram Collect plugin <= 1.3.14 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2024-4010HIGHEmail Subscribers by Icegram Express <= 5.7.19 - Missing Authorization in handle_ajax_requestEPSS 0.4%CVE-2024-5703MEDIUMIcegram Express - Email Subscribers, Newsletters and Marketing Automation Plugin <= 5.7.26 - Missing AuthorizationEPSS 0.4%CVE-2025-12348MEDIUMEmail Subscribers & Newsletters <= 5.9.10 - Missing Authentication to Unauthenticated Action Scheduler Task ExecutionEPSS 0.4%CVE-2025-66055HIGHWordPress Email Subscribers & Newsletters plugin <= 5.9.10 - PHP Object Injection vulnerabilityEPSS 0.4%CVE-2025-68038HIGHWordPress Icegram Express Pro plugin < 5.9.14 - PHP Object Injection vulnerabilityEPSS 0.4%CVE-2024-3626MEDIUMEmail Subscribers by Icegram Express – Email Marketing, Newsletters, Automation for WordPress & WooCommerce <= 5.7.17 - Missing AuthorizationEPSS 0.4%

← anteriorpágina 1 / 2próxima →