137 matches found
CVE-2025-24542
CVE-2025-24542 affects WordPress Icegram Engage plugin (
WordPress Icegram Engage plugin <= 3.1.31 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by savphill in WordPress Plugin Icegram versions = 3.1.31...
WordPress Icegram Engage plugin < 3.1.32 - Author+ Stored XSS vulnerability
Author+ Stored XSS vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin Icegram versions 3.1.32...
CVE-2024-12302
The Icegram Engage WordPress plugin before 3.1.32 does not sanitise and escape some of its Campaign settings, which could allow authors and above to perform Stored Cross-Site Scripting attacks...
CVE-2024-12302
The Icegram Engage WordPress plugin before 3.1.32 does not sanitise and escape some of its Campaign settings, which could allow authors and above to perform Stored Cross-Site Scripting attacks...
CVE-2024-12302 Icegram Engage < 3.1.32 - Author+ Stored XSS
The Icegram Engage WordPress plugin before 3.1.32 does not sanitise and escape some of its Campaign settings, which could allow authors and above to perform Stored Cross-Site Scripting attacks...
CVE-2024-12302 Icegram Engage < 3.1.32 - Author+ Stored XSS
The Icegram Engage WordPress plugin before 3.1.32 does not sanitise and escape some of its Campaign settings, which could allow authors and above to perform Stored Cross-Site Scripting attacks...
CVE-2024-12302
CVE-2024-12302 affects Icegram Engage – Ultimate WP Popup Builder for WordPress, prior to version 3.1.32. The issue arises from insufficient sanitization/escaping of Campaign settings, enabling Stored Cross-Site Scripting by authors and higher-privilege users. The vulnerability is documented with...
WordPress plugin Icegram Engage 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...
Malicious code in tsclient.engage.aperture (npm)
--- -= Per source details. Do not edit below this line.=-...
CVE-2024-39625 WordPress Icegram Engage plugin <= 3.1.24 - Unauthenticated Message Duplication Vulnerability
Missing Authorization vulnerability in icegram Icegram allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Icegram: from n/a through 3.1.24...
WordPress Icegram Engage plugin <= 3.1.25 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Savphill Patchstack Alliance in WordPress Plugin Icegram versions = 3.1.25...
WordPress Icegram Engage plugin <= 3.1.24 - Unauthenticated Unpublished Campaign Viewer vulnerability
Unauthenticated Unpublished Campaign Viewer vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Plugin Icegram versions = 3.1.24...
WordPress Icegram Engage plugin <= 3.1.24 - Unauthenticated Message Duplication Vulnerability
Unauthenticated Message Duplication Vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Plugin Icegram versions = 3.1.24...
CVE-2023-50437
An issue was discovered in Couchbase Server before 7.2.x before 7.2.4. otpCookie is shown with full admin on pools/default/serverGroups and engageCluster2...
CVE-2023-51532
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Icegram Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building allows Stored XSS.This issue affects Icegram Engage – WordPress Lead Generation, Popup Builder...
CVE-2023-51532
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Icegram Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building allows Stored XSS.This issue affects Icegram Engage – WordPress Lead Generation, Popup Builder...
Cross site scripting
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Icegram Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building allows Stored XSS.This issue affects Icegram Engage – WordPress Lead Generation, Popup Builder...
CVE-2023-51532 WordPress Icegram Plugin <= 3.1.19 is vulnerable to Cross Site Scripting (XSS)
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Icegram Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building allows Stored XSS.This issue affects Icegram Engage – WordPress Lead Generation, Popup Builder...
CVE-2023-51532
CVE-2023-51532 affects Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building. Connected sources confirm a Stored Cross-Site Scripting due to Improper Neutralization of Input During Web Page Generation, affecting Icegram Engage up to version 3.1.19. Impact ...