📦 Icegram Express

Name: Icegram Express
Author: Icegram

by Icegram

🔍 What is Icegram Express?

Description coming soon...

🛡️ Security Overview

Click on a severity to filter vulnerabilities

⚠️ Known Vulnerabilities

CVE-2024-5756

CRITICAL CVSS 9.8 Jun 21, 2024

This vulnerability allows unauthenticated attackers to perform time-based SQL injection attacks against the Email Subscribers WordPress plugin. Attackers can extract sensitive information from the dat...

CVE-2022-45810

CRITICAL CVSS 9.8 Nov 7, 2023

This CVE describes a CSV injection vulnerability in the Icegram Express WordPress plugin. Attackers can embed malicious formulas in CSV files that, when opened in spreadsheet applications like Excel, ...

CVE-2023-5414

CRITICAL CVSS 9.1 Oct 20, 2023

This vulnerability in the Icegram Express WordPress plugin allows administrator-level attackers to perform directory traversal attacks via the show_es_logs function. Attackers can read arbitrary files...

CVE-2024-4845

HIGH CVSS 8.8 Jun 12, 2024

The Icegram Express WordPress plugin contains a SQL injection vulnerability that allows authenticated attackers with Subscriber-level access or higher to execute arbitrary SQL queries. This can lead t...