Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
πŸ”₯ Daily Hot!
πŸ’ͺ🏽 CPE Enhanced Advisories
πŸ•Ά Shadow Exploits
πŸ•΅πŸΌ Vulners CPE
πŸ” Security news
πŸ’» Exploit updates
πŸ“‘ Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
πŸ€– AI High Score
πŸ“° CVE Feed
show all

6 matches found

Packet Storm
Packet Stormβ€’added 2026/03/02 12:0 a.m.β€’117 views

πŸ“„ WordPress Email Subscribers 5.7.14 SQL Injection

WordPress Email Subscribers plugin version 5.7.14 remote SQL injection proof of concept exploit. ============================================================================================================================================= | Title : wordpress Email Subscribers 5.7.14 Sql Injection...

9.8CVSS6AI score0.80596EPSS
Exploits4
Wallarm Lab
Wallarm Labβ€’added 2024/05/06 11:11 a.m.β€’126 views

Tracking CVE-2024-2876: Why does the latest WordPress exploit compromise over 90,000 websites?

A highly concerning security loophole was recently discovered in a WordPress plugin called "Email Subscribers by Icegram Express," a popular tool utilized by a vast network of over 90,000+ websites. Officially designated as CVE-2024-2876 with a CVSS score of 9.8 critical, the vulnerability...

9.9CVSS8.4AI score0.93971EPSS
Exploits20
NVD
NVDβ€’added 2024/05/02 5:15 p.m.β€’29 views

CVE-2024-2876

The Email Subscribers by Icegram Express – Email Marketing, Newsletters, Automation for WordPress & WooCommerce plugin for WordPress is vulnerable to SQL Injection via the 'run' function of the 'IGESSubscribersQuery' class in all versions up to, and including, 5.7.14 due to insufficient escaping ...

9.8CVSS9.7AI score0.80596EPSS
Exploits4References4
Vulnrichment
Vulnrichmentβ€’added 2024/05/02 4:52 p.m.β€’20 views

CVE-2024-2876

The Email Subscribers by Icegram Express – Email Marketing, Newsletters, Automation for WordPress & WooCommerce plugin for WordPress is vulnerable to SQL Injection via the 'run' function of the 'IGESSubscribersQuery' class in all versions up to, and including, 5.7.14 due to insufficient escaping ...

9.8CVSS7.5AI score0.80596EPSS
Exploits4References4
Circl
Circlβ€’added 2024/04/25 6:28 a.m.β€’4 views

CVE-2024-2876

creationtimestamp| type| source ---|---|--- 2024-04-25 06:28:44+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/7166 2024-05-08 20:16:54+00:00| published-proof-of-concept| https://t.me/codeb0ss/1430 2024-11-16 01:22:54+00:00| seen| https://t.me/GithubRedTeam/9046 2025-06-21...

9.8CVSS7.5AI score0.80596EPSS
Exploits4References3
Patchstack
Patchstackβ€’added 2024/04/16 12:0 a.m.β€’24 views

WordPress Email Subscribers & Newsletters Plugin <= 5.7.14 is vulnerable to SQL Injection

Software Email Subscribers & Newsletters Type Plugin Vulnerable versions = 5.7.14 Fixed in 5.7.15 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-2876 Patch priority High CVSS severity High 9.3 Developer Claim ownership PSID 9b57a92f98bb Credits Arkadiusz Hydzik Required...

9.8CVSS6.8AI score0.80596EPSS
Exploits4References3Affected Software1
Rows per page
Query Builder