icegram
Web & CMS Pluginscommercial
Latest CVEs
The 15 most recently published vulnerabilities affecting icegram.
- CVE-2026-1651Email Subscribers & Newsletters <= 5.9.16 - Authenticated (Administrator+) SQL Injection via 'workflow_ids' Parameter6.5
- CVE-2025-68507WordPress Icegram plugin <= 3.1.35 - Broken Access Control vulnerability6.5
- CVE-2025-68038WordPress Icegram Express Pro plugin < 5.9.14 - PHP Object Injection vulnerability7.2
- CVE-2025-12348Email Subscribers & Newsletters <= 5.9.10 - Missing Authentication to Unauthenticated Action Scheduler Task Execution5.3
- CVE-2025-66055WordPress Email Subscribers & Newsletters plugin <= 5.9.10 - PHP Object Injection vulnerability7.2
- CVE-2025-12349Email Subscribers & Newsletters <= 5.9.10 - Missing Authentication to Unauthenticated Mailing Queue Trigger5.3
- CVE-2025-49917WordPress Icegram Express Pro plugin <= 5.9.5 - Server Side Request Forgery (SSRF) vulnerability4.4
- CVE-2025-47527WordPress Icegram Collect – Easy Form, Lead Collection and Subscription plugin <= 1.3.18 - Broken Access Control Vulnerability7.1
- CVE-2024-13486Icegram Engage < 3.1.32 - Admin+ Stored XSS4.8
- CVE-2024-13482Icegram Engage < 3.1.32 - Admin+ Stored XSS4.8
- CVE-2025-0671Email Subscribers < 5.7.50 - Admin+ Stored XSS in Template6.1
- CVE-2024-11924Email Subscribers < 5.7.52 - Admin+ Stored XSS3.5
- CVE-2025-24542WordPress Icegram Engage plugin <= 3.1.31 - Cross Site Scripting (XSS) vulnerability6.5
- CVE-2024-12568Email Subscribers < 5.7.45 - Admin+ Stored XSS4.8
- CVE-2024-12567Email Subscribers < 5.7.45 - Admin+ Stored XSS4.8