Home/Product/icegram email subscribers \& newsletters
Product

icegram email subscribers \& newsletters

26 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2024-12568
< 5.7.45
The Email Subscribers by Icegram Express WordPress plugin before 5.7.45 does not sanitise and escape some of its Workflow setting
4.8MEDIUM
 CVE-2024-12567
< 5.7.45
The Email Subscribers by Icegram Express WordPress plugin before 5.7.45 does not sanitise and escape some of its form settings, w
4.8MEDIUM
 CVE-2024-12566
< 5.7.45
The Email Subscribers by Icegram Express WordPress plugin before 5.7.45 does not sanitise and escape some of form settings, which
4.8MEDIUM
 CVE-2024-11636
< 5.7.45
The Email Subscribers by Icegram Express WordPress plugin before 5.7.45 does not sanitise and escape some of its Text Block optio
4.8MEDIUM
 CVE-2024-12311
< 5.7.44
The Email Subscribers by Icegram Express WordPress plugin before 5.7.44 does not sanitize and escape a parameter before using it
6.5MEDIUM
 CVE-2024-8254
< 5.7.35
The Email Subscribers by Icegram Express - Email Marketing, Newsletters, Automation for WordPress & WooCommerce plugin for WordPre
5.4MEDIUM
 CVE-2024-8771
< 5.7.35
The Email Subscribers by Icegram Express - Email Marketing, Newsletters, Automation for WordPress & WooCommerce plugin for WordPre
4.3MEDIUM
 CVE-2024-5703
< 5.7.27
The Email Subscribers by Icegram Express - Email Marketing, Newsletters, Automation for WordPress & WooCommerce plugin for WordPre
4.3MEDIUM
 CVE-2024-6172
< 5.7.26
The Email Subscribers by Icegram Express - Email Marketing, Newsletters, Automation for WordPress & WooCommerce plugin for WordPre
9.8CRITICAL
 CVE-2024-31352
< 5.7.14
Missing Authorization vulnerability in Email Subscribers & Newsletters.This issue affects Email Subscribers & Newsletters: from n/
5.3MEDIUM
 CVE-2024-4295
< 5.7.21
The Email Subscribers by Icegram Express plugin for WordPress is vulnerable to SQL Injection via the ‘hash’ parameter in all v
9.8CRITICAL
 CVE-2022-3981
< 5.5.1
The Icegram Express WordPress plugin before 5.5.1 does not properly sanitise and escape a parameter before using it in a SQL state
8.8HIGH
 CVE-2022-0439
< 5.3.2
The Email Subscribers & Newsletters WordPress plugin before 5.3.2 does not correctly escape the order and orderby parameters t
8.8HIGH
 CVE-2020-5780
< 4.5.6
Missing Authentication for Critical Function in Icegram Email Subscribers & Newsletters Plugin for WordPress prior to version 4.5.
5.3MEDIUM
 CVE-2020-5768
all versions
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in Icegram Email Subscribers & Newsletters Pl
4.9MEDIUM
 CVE-2020-5767
all versions
Cross-site request forgery in Icegram Email Subscribers & Newsletters Plugin for WordPress v4.4.8 allows a remote attacker to send
6.5MEDIUM
 CVE-2019-20361
< 4.3.1
There was a flaw in the WordPress plugin, Email Subscribers & Newsletters before 4.3.1, that allowed SQL statements to be passed t
9.8CRITICAL
 CVE-2019-19985
< 4.2.3
The WordPress plugin, Email Subscribers & Newsletters, before 4.2.3 had a flaw that allowed unauthenticated file download with use
5.3MEDIUM
 CVE-2019-19984
< 4.2.3
The WordPress plugin, Email Subscribers & Newsletters, before 4.2.3 had a flaw that allowed users with edit_post capabilities to m
6.3MEDIUM
 CVE-2019-19982
< 4.2.3
The WordPress plugin, Email Subscribers & Newsletters, before 4.2.3 had a flaw that allowed for unauthenticated option creation. I
5.3MEDIUM
 CVE-2019-19981
< 4.2.3
The WordPress plugin, Email Subscribers & Newsletters, before 4.2.3 had a flaw that allowed for CSRF to be exploited on all plugin
5.4MEDIUM
 CVE-2019-19980
< 4.2.3
The WordPress plugin, Email Subscribers & Newsletters, before 4.2.3 had a privilege bypass flaw that allowed authenticated users (
4.3MEDIUM
 CVE-2019-14364
all versions
An XSS vulnerability in the "Email Subscribers & Newsletters" plugin 4.1.6 for WordPress allows an attacker to inject malicious Ja
6.1MEDIUM
 CVE-2019-13569
<= 4.1.7
A SQL injection vulnerability exists in the Icegram Email Subscribers & Newsletters plugin through 4.1.7 for WordPress. Successful
9.8CRITICAL
 CVE-2018-0602
< 3.5.0
Cross-site scripting vulnerability in Email Subscribers & Newsletters versions prior to 3.5.0 allows remote attackers to inject ar
6.1MEDIUM
 CVE-2018-6015
< 3.4.8
An issue was discovered in the "Email Subscribers & Newsletters" plugin before 3.4.8 for WordPress. Sending an HTTP POST request t
7.5HIGH
SOC and Response
CVE triage
Stack monitoring
Am I affected
IOC triage
KEV catalog
Recently exploited
Daily brief
Change tracking
Detection Engineering
Coverage workspace
Detection coverage
Coverage check
Telemetry ceiling
SIEM query builder
Sigma rules
SIEM rules
YARA rules
Network rules
D3FEND
Threat Hunting
Threat actors
ATT&CK techniques
Attack paths
Indicators
Atomic tests
Red Team and Pentest
Exploitability triage
Recon pack
Attack paths
CAPEC patterns
Adversary emulation
Compliance and GRC
Framework mapping
Control assessment
Audit view
Atlas Search Threat actors Techniques Tools & malware CWE CAPEC KEV catalog Package vulns
About All capabilities Pricing API docs Live status Privacy policy Terms of service
threatengine.sh