Lucene search
K

137 matches found

CVE
CVE
added 2025/01/24 5:24 p.m.52 views

CVE-2025-24542

CVE-2025-24542 affects WordPress Icegram Engage plugin (

6.5CVSS7.2AI score0.00269EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/01/24 11:47 a.m.4 views

WordPress Icegram Engage plugin <= 3.1.31 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by savphill in WordPress Plugin Icegram versions = 3.1.31...

6.5CVSS6.1AI score0.00269EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/01/06 7:45 a.m.6 views

WordPress Icegram Engage plugin < 3.1.32 - Author+ Stored XSS vulnerability

Author+ Stored XSS vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin Icegram versions 3.1.32...

6.1CVSS6.1AI score0.00351EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2025/01/06 6:15 a.m.2 views

CVE-2024-12302

The Icegram Engage WordPress plugin before 3.1.32 does not sanitise and escape some of its Campaign settings, which could allow authors and above to perform Stored Cross-Site Scripting attacks...

6.1CVSS5.8AI score0.00351EPSS
Exploits1References1
NVD
NVD
added 2025/01/06 6:15 a.m.17 views

CVE-2024-12302

The Icegram Engage WordPress plugin before 3.1.32 does not sanitise and escape some of its Campaign settings, which could allow authors and above to perform Stored Cross-Site Scripting attacks...

6.1CVSS0.00351EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/01/06 6:0 a.m.19 views

CVE-2024-12302 Icegram Engage < 3.1.32 - Author+ Stored XSS

The Icegram Engage WordPress plugin before 3.1.32 does not sanitise and escape some of its Campaign settings, which could allow authors and above to perform Stored Cross-Site Scripting attacks...

0.00351EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/01/06 6:0 a.m.13 views

CVE-2024-12302 Icegram Engage < 3.1.32 - Author+ Stored XSS

The Icegram Engage WordPress plugin before 3.1.32 does not sanitise and escape some of its Campaign settings, which could allow authors and above to perform Stored Cross-Site Scripting attacks...

5.9AI score0.00351EPSS
Exploits1References1
CVE
CVE
added 2025/01/06 6:0 a.m.63 views

CVE-2024-12302

CVE-2024-12302 affects Icegram Engage – Ultimate WP Popup Builder for WordPress, prior to version 3.1.32. The issue arises from insufficient sanitization/escaping of Campaign settings, enabling Stored Cross-Site Scripting by authors and higher-privilege users. The vulnerability is documented with...

6.1CVSS5.6AI score0.00351EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2025/01/06 12:0 a.m.7 views

WordPress plugin Icegram Engage 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

6.1CVSS7.8AI score0.00351EPSS
Exploits1References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/12/09 5:44 a.m.4 views

Malicious code in tsclient.engage.aperture (npm)

--- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0
Vulnrichment
Vulnrichment
added 2024/11/01 2:17 p.m.17 views

CVE-2024-39625 WordPress Icegram Engage plugin <= 3.1.24 - Unauthenticated Message Duplication Vulnerability

Missing Authorization vulnerability in icegram Icegram allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Icegram: from n/a through 3.1.24...

5.3CVSS6.9AI score0.0035EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/08/16 1:52 p.m.4 views

WordPress Icegram Engage plugin <= 3.1.25 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Savphill Patchstack Alliance in WordPress Plugin Icegram versions = 3.1.25...

6.5CVSS6.1AI score0.00245EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/08/12 2:50 p.m.6 views

WordPress Icegram Engage plugin <= 3.1.24 - Unauthenticated Unpublished Campaign Viewer vulnerability

Unauthenticated Unpublished Campaign Viewer vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Plugin Icegram versions = 3.1.24...

5.3CVSS7AI score0.00362EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/07/22 4:49 p.m.6 views

WordPress Icegram Engage plugin <= 3.1.24 - Unauthenticated Message Duplication Vulnerability

Unauthenticated Message Duplication Vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Plugin Icegram versions = 3.1.24...

5.3CVSS6.9AI score0.0035EPSS
Exploits0Affected Software1
OSV
OSV
added 2024/02/29 1:42 a.m.4 views

CVE-2023-50437

An issue was discovered in Couchbase Server before 7.2.x before 7.2.4. otpCookie is shown with full admin on pools/default/serverGroups and engageCluster2...

8.6CVSS5.8AI score0.00683EPSS
Exploits0References3
OSV
OSV
added 2024/02/01 11:15 a.m.6 views

CVE-2023-51532

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Icegram Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building allows Stored XSS.This issue affects Icegram Engage – WordPress Lead Generation, Popup Builder...

5.4CVSS7.3AI score0.0031EPSS
Exploits0References1
NVD
NVD
added 2024/02/01 11:15 a.m.32 views

CVE-2023-51532

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Icegram Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building allows Stored XSS.This issue affects Icegram Engage – WordPress Lead Generation, Popup Builder...

6.5CVSS6.5AI score0.0031EPSS
Exploits0References1
Prion
Prion
added 2024/02/01 11:15 a.m.20 views

Cross site scripting

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Icegram Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building allows Stored XSS.This issue affects Icegram Engage – WordPress Lead Generation, Popup Builder...

4.9CVSS7AI score0.0031EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/02/01 11:0 a.m.17 views

CVE-2023-51532 WordPress Icegram Plugin <= 3.1.19 is vulnerable to Cross Site Scripting (XSS)

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Icegram Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building allows Stored XSS.This issue affects Icegram Engage – WordPress Lead Generation, Popup Builder...

6.5CVSS6.7AI score0.0031EPSS
Exploits0References1
CVE
CVE
added 2024/02/01 11:0 a.m.98 views

CVE-2023-51532

CVE-2023-51532 affects Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building. Connected sources confirm a Stored Cross-Site Scripting due to Improper Neutralization of Input During Web Page Generation, affecting Icegram Engage up to version 3.1.19. Impact ...

6.5CVSS6.7AI score0.0031EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder