EUVD-2023-56244

🗓️ 03 Oct 2025 20:07:09Reported by EUVDType

Cross-site Scripting vulnerability in Icegram Engage allows Stored XSS in versions up to 3.1.19.

Reporter	Title	Published	Views	Family All 13
Circl	CVE-2023-51532	1 Feb 202412:36	–	circl
CNNVD	WordPress plugin Icegram Engage Cross-Site Scripting Vulnerability	1 Feb 202400:00	–	cnnvd
CVE	CVE-2023-51532	1 Feb 202411:00	–	cve
Cvelist	CVE-2023-51532 WordPress Icegram Plugin <= 3.1.19 is vulnerable to Cross Site Scripting (XSS)	1 Feb 202411:00	–	cvelist
NVD	CVE-2023-51532	1 Feb 202411:15	–	nvd
OSV	CVE-2023-51532	1 Feb 202411:15	–	osv
Patchstack	WordPress Icegram Plugin <= 3.1.19 is vulnerable to Cross Site Scripting (XSS)	27 Dec 202300:00	–	patchstack
Prion	Cross site scripting	1 Feb 202411:15	–	prion
Positive Technologies	PT-2024-14185 · WordPress · Icegram Engage	1 Feb 202400:00	–	ptsecurity
RedhatCVE	CVE-2023-51532	23 May 202502:19	–	redhatcve

[
  {
    "enisaIdVendor": [
      {
        "id": "3218b706-f7bd-3480-b11b-a8670b186085",
        "vendor": {
          "name": "Icegram"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "3d8baefe-25b3-3967-859d-b288a75b4b00",
        "product": {
          "name": "Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building"
        }
      },
      {
        "id": "f649fcb8-2511-3453-ad03-87b6f0db0bc2",
        "product": {
          "name": "Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building"
        },
        "product_version": "n/a ≤3.1.19"
      }
    ]
  }
]

Source	Link
patchstack	www.patchstack.com/database/vulnerability/icegram/wordpress-icegram-engage-plugin-3-1-19-cross-site-scripting-xss-vulnerability

03 Oct 2025 20:07Current

6.6Medium risk

Vulners AI Score6.6

CVSS 3.15.4 - 6.5

EPSS0.00077

SSVC