WordPress Icegram Collect – Easy Form, Lead Collection and Subscription plugin plugin <= 1.3.14 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Plugin Icegram Collect versions = 1.3.14...

WordPress Icegram Collect – Easy Form, Lead Collection and Subscription plugin Plugin <= 1.3.8 is vulnerable to Cross Site Scripting (XSS)

Software Icegram Collect – Easy Form, Lead Collection and Subscription plugin Type Plugin Vulnerable versions = 1.3.8 Fixed in 1.3.9 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-25024 Patch priority Low CVSS severity Low 5.9 Developer Claim...