45 matches found
WordPress Icegram plugin <= 2.1.7 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability
Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Pritam Dash in WordPress Icegram plugin versions = 2.1.7. Solution Update the WordPress Icegram plugin to the latest available version at least 2.1.8...
WordPress icegram plugin cross-site scripting vulnerability (CNVD-2021-102791)
WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language. The platform supports personal blogging sites on PHP and MySQL servers. WordPress plugin is a WordPress open source application plugin. WordPress icegram plugin in versions prior to 2.0.5 has a...
WordPress 插件跨站脚本漏洞
WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language. The platform supports personal blogging sites on PHP and MySQL servers. WordPress plugin is a WordPress open source application plugin. WordPress icegram plugin in versions prior to 2.0.5 has a...
WordPress Icegram plugin <= 2.0.4 - Reflected Cross-Site Scripting (XSS) vulnerability
Reflected Cross-Site Scripting XSS vulnerability discovered by JrXnm in WordPress Icegram plugin versions = 2.0.4. Solution Update the WordPress Icegram plugin to the latest available version at least 2.0.5...
CVE-2021-36832 WordPress Icegram plugin <= 2.0.2 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability
WordPress Popups, Welcome Bar, Optins and Lead Generation Plugin – Icegram versions = 2.0.2 vulnerable at "Headline" &messagedata16headline input...
CVE-2020-5780
Missing Authentication for Critical Function in Icegram Email Subscribers & Newsletters Plugin for WordPress prior to version 4.5.6 allows a remote, unauthenticated attacker to conduct unauthenticated email forgery/spoofing...
CVE-2020-5767
Cross-site request forgery in Icegram Email Subscribers & Newsletters Plugin for WordPress v4.4.8 allows a remote attacker to send forged emails by tricking legitimate users into clicking a crafted link...
CVE-2020-5768
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' in Icegram Email Subscribers & Newsletters Plugin for WordPress v4.4.8 allows a remote, authenticated attacker to determine the value of database fields...
CVE-2016-10963
The icegram plugin before 1.9.19 for WordPress has XSS...
CVE-2016-10962
The icegram plugin before 1.9.19 for WordPress has CSRF via the wp-admin/edit.php optionname parameter...
CVE-2016-10962
The icegram plugin before 1.9.19 for WordPress has CSRF via the wp-admin/edit.php optionname parameter...
CVE-2016-10963
The icegram plugin before 1.9.19 for WordPress has XSS...
Cross site scripting
The icegram plugin before 1.9.19 for WordPress has XSS...
Cross site request forgery (csrf)
The icegram plugin before 1.9.19 for WordPress has CSRF via the wp-admin/edit.php optionname parameter...
CVE-2016-10963
The icegram plugin before 1.9.19 for WordPress has XSS...
CVE-2016-10962
The icegram plugin before 1.9.19 for WordPress has CSRF via the wp-admin/edit.php optionname parameter...
PT-2019-7756 · Icegram · Icegram Plugin
Name of the Vulnerable Software and Affected Versions: icegram plugin versions prior to 1.9.19 Description: The issue concerns a cross-site scripting XSS problem. There is no information provided about the estimated number of potentially affected devices worldwide or details about real-world...
PT-2019-7755 · WordPress · Icegram
Name of the Vulnerable Software and Affected Versions: icegram plugin versions prior to 1.9.19 Description: The issue concerns a CSRF vulnerability via the option name parameter in the "wp-admin/edit.php" endpoint. This allows for potential unauthorized actions. Recommendations: For versions prio...
CVE-2019-15830
The icegram plugin before 1.10.29 for WordPress has igcatlist XSS...
CVE-2019-15830
The icegram plugin before 1.10.29 for WordPress has igcatlist XSS...