Known Vulnerabilities for products from Icegram
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Icegram".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-1651 json | Not Provided | 2026-03-04 | 2026-04-08 | |
| CVE-2025-68038 json | Not Provided | 2025-12-24 | 2026-04-01 | |
| CVE-2025-47527 json | Not Provided | 2025-06-09 | 2026-04-01 | |
| CVE-2025-24542 json | Not Provided | 2025-01-24 | 2026-04-01 | |
| CVE-2024-6172 json | The Email Subscribers by Icegram Express – Email Marketing, Newsletters, Automation for WordPress & WooCommerce plugin for ... | Not Provided | 2024-07-02 | 2026-04-08 |
| CVE-2024-5756 json | The Email Subscribers by Icegram Express – Email Marketing, Newsletters, Automation for WordPress & WooCommerce plugin for ... | Not Provided | 2024-06-21 | 2026-04-08 |
| CVE-2024-5703 json | The Email Subscribers by Icegram Express – Email Marketing, Newsletters, Automation for WordPress & WooCommerce plugin for ... | Not Provided | 2024-07-17 | 2026-04-08 |
| CVE-2024-4845 json | The Icegram Express plugin for WordPress is vulnerable to SQL Injection via the ‘options[list_id]’ parameter in all versi... | Not Provided | 2024-06-12 | 2026-04-08 |
| CVE-2024-4295 json | The Email Subscribers by Icegram Express plugin for WordPress is vulnerable to SQL Injection via the ‘hash’ parameter in ... | Not Provided | 2024-06-05 | 2026-04-08 |
| CVE-2024-4010 json | Not Provided | 2024-05-15 | 2026-04-08 | |
| CVE-2023-25024 json | Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Icegram Icegram Collect plugin <= 1.3.8 versions. | 4.8 - MEDIUM | 2023-04-07 | 2023-11-07 |
| CVE-2023-5414 json | The Icegram Express plugin for WordPress is vulnerable to Directory Traversal in versions up to, and including, 5.6.23 via th... | Not Provided | 2023-10-20 | 2026-04-08 |
| CVE-2023-2398 json | The Icegram Engage WordPress plugin before 3.1.12 does not escape a parameter before outputting it back in an attribute, lead... | 6.1 - MEDIUM | 2023-06-12 | 2023-11-07 |
| CVE-2022-45810 json | Improper Neutralization of Formula Elements in a CSV File vulnerability in Icegram Icegram Express – Email Marketing, Newsl... | 9.8 - CRITICAL | 2023-11-07 | 2023-11-14 |
| CVE-2022-3981 json | The Icegram Express WordPress plugin before 5.5.1 does not properly sanitise and escape a parameter before using it in a SQL ... | 8.8 - HIGH | 2022-12-12 | 2023-11-07 |
| CVE-2022-1776 json | The Popups, Welcome Bar, Optins and Lead Generation Plugin WordPress plugin before 2.1.8 does not sanitize and escape some ca... | 5.4 - MEDIUM | 2022-06-27 | 2022-07-06 |
| CVE-2022-0439 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 8.8 - HIGH | 2022-03-07 | 2023-11-07 |
| CVE-2021-36832 json | WordPress Popups, Welcome Bar, Optins and Lead Generation Plugin – Icegram (versions <= 2.0.2) vulnerable at "Headline" (&m... | 5.4 - MEDIUM | 2021-10-19 | 2024-01-10 |
| CVE-2021-24941 json | The Popups, Welcome Bar, Optins and Lead Generation Plugin WordPress plugin before 2.0.5 does not sanitise and escape the mes... | 6.1 - MEDIUM | 2021-12-21 | 2021-12-27 |
| CVE-2020-5780 json | Missing Authentication for Critical Function in Icegram Email Subscribers & Newsletters Plugin for WordPress prior to version... | 5.3 - MEDIUM | 2020-09-10 | 2020-09-16 |
Known software with vulnerabilities from Icegram
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Icegram | Email Subscribers Amp Newsletters | 1.0 |
| Application | Icegram | Icegram | - |