Total
5 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-24941 | 1 Icegram | 1 Icegram | 2024-02-04 | 4.3 MEDIUM | 6.1 MEDIUM |
| The Popups, Welcome Bar, Optins and Lead Generation Plugin WordPress plugin before 2.0.5 does not sanitise and escape the message_id parameter of the get_message_action_row AJAX action before outputting it back in an attribute, leading to a reflected Cross-Site Scripting issue | |||||
| CVE-2021-36832 | 1 Icegram | 1 Icegram | 2024-02-04 | 3.5 LOW | 5.4 MEDIUM |
| WordPress Popups, Welcome Bar, Optins and Lead Generation Plugin – Icegram (versions <= 2.0.2) vulnerable at "Headline" (&message_data[16][headline]) input. | |||||
| CVE-2016-10962 | 1 Icegram | 1 Icegram | 2024-02-04 | 4.3 MEDIUM | 6.5 MEDIUM |
| The icegram plugin before 1.9.19 for WordPress has CSRF via the wp-admin/edit.php option_name parameter. | |||||
| CVE-2019-15830 | 1 Icegram | 1 Icegram | 2024-02-04 | 3.5 LOW | 5.4 MEDIUM |
| The icegram plugin before 1.10.29 for WordPress has ig_cat_list XSS. | |||||
| CVE-2016-10963 | 1 Icegram | 1 Icegram | 2024-02-04 | 4.3 MEDIUM | 6.1 MEDIUM |
| The icegram plugin before 1.9.19 for WordPress has XSS. | |||||