350 matches found
WordPress Email Subscribers plugin < 5.7.45 - Admin+ Stored XSS vulnerability
Admin+ Stored XSS vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin Email Subscribers & Newsletters versions 5.7.45...
CVE-2025-68038
Deserialization of Untrusted Data vulnerability in Icegram Icegram Express Pro email-subscribers-premium allows Object Injection.This issue affects Icegram Express Pro: from n/a through 5.9.14...
EUVD-2025-205272
Deserialization of Untrusted Data vulnerability in Icegram Icegram Express Pro email-subscribers-premium allows Object Injection.This issue affects Icegram Express Pro: from n/a through = 5.9.11...
CVE-2025-68038
Deserialization of Untrusted Data vulnerability in Icegram Icegram Express Pro email-subscribers-premium allows Object Injection.This issue affects Icegram Express Pro: from n/a through 5.9.14...
PT-2025-53251
Name of the Vulnerable Software and Affected Versions Icegram Icegram Express Pro versions through 5.9.11 Description A flaw exists in Icegram Icegram Express Pro email-subscribers-premium related to the deserialization of untrusted data, potentially leading to object injection. Recommendations...
CVE-2025-12348 Email Subscribers & Newsletters <= 5.9.10 - Missing Authentication to Unauthenticated Action Scheduler Task Execution
The Icegram Express - Email Subscribers, Newsletters and Marketing Automation Plugin for WordPress is vulnerable to Missing Authorization in versions up to, and including, 5.9.10. This is due to the plugin not properly verifying that a user is authorized to perform an action in the...
CVE-2025-12348 Email Subscribers & Newsletters <= 5.9.10 - Missing Authentication to Unauthenticated Action Scheduler Task Execution
The Icegram Express - Email Subscribers, Newsletters and Marketing Automation Plugin for WordPress is vulnerable to Missing Authorization in versions up to, and including, 5.9.10. This is due to the plugin not properly verifying that a user is authorized to perform an action in the...
CVE-2025-12348
CVE-2025-12348 is an issue in the Icegram Express Email Subscribers & Newsletters WordPress plugin. According to the connected Wordfence document, versions up to and including 5.9.10 are vulnerable to Missing Authorization in the run_action_scheduler_task function, allowing unauthenticated attack...
WordPress Email Subscribers & Newsletters plugin <= 5.9.10 - Missing Authentication to Unauthenticated Action Scheduler Task Execution vulnerability
Missing Authentication to Unauthenticated Action Scheduler Task Execution vulnerability discovered by Adrian Lukita in WordPress Plugin Email Subscribers & Newsletters versions = 5.9.10...
CVE-2025-66055
Deserialization of Untrusted Data vulnerability in Icegram Email Subscribers & Newsletters email-subscribers allows Object Injection.This issue affects Email Subscribers & Newsletters: from n/a through = 5.9.10...
EUVD-2025-198485
Deserialization of Untrusted Data vulnerability in Icegram Email Subscribers & Newsletters email-subscribers allows Object Injection.This issue affects Email Subscribers & Newsletters: from n/a through = 5.9.10...
CVE-2025-66055
Deserialization of Untrusted Data vulnerability in Icegram Email Subscribers & Newsletters email-subscribers allows Object Injection.This issue affects Email Subscribers & Newsletters: from n/a through = 5.9.10...
CVE-2025-66055 WordPress Email Subscribers & Newsletters plugin <= 5.9.10 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in Icegram Email Subscribers & Newsletters email-subscribers allows Object Injection.This issue affects Email Subscribers & Newsletters: from n/a through = 5.9.10...
CVE-2025-66055 WordPress Email Subscribers & Newsletters plugin <= 5.9.10 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in Icegram Email Subscribers & Newsletters email-subscribers allows Object Injection.This issue affects Email Subscribers & Newsletters: from n/a through = 5.9.10...
CVE-2025-66055
CVE-2025-66055 describes a deserialization of untrusted data vulnerability in Icegram Email Subscribers & Newsletters (plugin: email-subscribers) that allows PHP object injection. Public references across multiple sources (NVD/ Red Hat/EUVD/CVE lists, Wordfence) state the affected range as WordPr...
PT-2025-47731
Name of the Vulnerable Software and Affected Versions Icegram Email Subscribers & Newsletters versions through 5.9.10 Description A flaw exists in Icegram Email Subscribers & Newsletters related to the deserialization of untrusted data, which can lead to object injection. This issue impacts the...
WordPress plugin Email Subscribers & Newsletters 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...
CVE-2025-12349 Email Subscribers & Newsletters <= 5.9.10 - Missing Authentication to Unauthenticated Mailing Queue Trigger
The Icegram Express - Email Subscribers, Newsletters and Marketing Automation Plugin for WordPress is vulnerable to Authorization in versions up to, and including, 5.9.10. This is due to the plugin not properly verifying that a user is authorized to perform an action in the...
CVE-2025-12349
CVE-2025-12349 concerns the WordPress plugin Icegram Express – Email Subscribers, Newsletters and Marketing Automation . The vulnerability is a missing authorization check in the function trigger_mailing_queue_sending , allowing unauthenticated actors to force immediate email sending, bypass the ...
WordPress plugin Email Subscribers & Newsletters 访问控制错误漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. An Access Control Erro...