Known Vulnerabilities for products from Icegram
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Icegram".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-1651 json | Not Provided | 2026-03-04 | 2026-04-08 | |
| CVE-2025-68507 json | Not Provided | 2026-01-22 | 2026-04-27 | |
| CVE-2025-68038 json | Not Provided | 2025-12-24 | 2026-04-27 | |
| CVE-2025-47527 json | Not Provided | 2025-06-09 | 2026-04-23 | |
| CVE-2025-24542 json | Not Provided | 2025-01-24 | 2026-04-23 | |
| CVE-2024-22300 json | Not Provided | 2024-03-27 | 2026-04-28 | |
| CVE-2024-6172 json | The Email Subscribers by Icegram Express – Email Marketing, Newsletters, Automation for WordPress & WooCommerce plugin for ... | Not Provided | 2024-07-02 | 2026-04-08 |
| CVE-2024-5756 json | The Email Subscribers by Icegram Express – Email Marketing, Newsletters, Automation for WordPress & WooCommerce plugin for ... | Not Provided | 2024-06-21 | 2026-04-08 |
| CVE-2024-5703 json | The Email Subscribers by Icegram Express – Email Marketing, Newsletters, Automation for WordPress & WooCommerce plugin for ... | Not Provided | 2024-07-17 | 2026-04-08 |
| CVE-2024-4845 json | The Icegram Express plugin for WordPress is vulnerable to SQL Injection via the ‘options[list_id]’ parameter in all versi... | Not Provided | 2024-06-12 | 2026-04-08 |
| CVE-2024-4295 json | The Email Subscribers by Icegram Express plugin for WordPress is vulnerable to SQL Injection via the ‘hash’ parameter in ... | Not Provided | 2024-06-05 | 2026-04-08 |
| CVE-2023-52119 json | Cross-Site Request Forgery (CSRF) vulnerability in Icegram Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, ... | Not Provided | 2024-01-05 | 2026-04-28 |
| CVE-2023-51532 json | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Icegram Icegram Engage ... | Not Provided | 2024-02-01 | 2026-04-28 |
| CVE-2023-25024 json | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Icegram Icegram Collect plugin <= 1.3.8 versions. | 4.8 - MEDIUM | 2023-04-07 | 2023-11-07 |
| CVE-2023-5414 json | The Icegram Express plugin for WordPress is vulnerable to Directory Traversal in versions up to, and including, 5.6.23 via th... | Not Provided | 2023-10-20 | 2026-04-08 |
| CVE-2023-2398 json | The Icegram Engage WordPress plugin before 3.1.12 does not escape a parameter before outputting it back in an attribute, lead... | 6.1 - MEDIUM | 2023-06-12 | 2023-11-07 |
| CVE-2022-45810 json | Improper Neutralization of Formula Elements in a CSV File vulnerability in Icegram Icegram Express – Email Marketing, Newsl... | Not Provided | 2023-11-07 | 2026-04-28 |
| CVE-2022-3981 json | The Icegram Express WordPress plugin before 5.5.1 does not properly sanitise and escape a parameter before using it in a SQL ... | 8.8 - HIGH | 2022-12-12 | 2023-11-07 |
| CVE-2022-1776 json | The Popups, Welcome Bar, Optins and Lead Generation Plugin WordPress plugin before 2.1.8 does not sanitize and escape some ca... | 5.4 - MEDIUM | 2022-06-27 | 2022-07-06 |
| CVE-2022-0439 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 8.8 - HIGH | 2022-03-07 | 2023-11-07 |
Known software with vulnerabilities from Icegram
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Icegram | Email Subscribers Amp Newsletters | 1.0 |
| Application | Icegram | Icegram | - |