Really Simple Security logo

Log out
Get PRO

Latest

Input validation vulnerability in Email Subscribers by Icegram Express – Email Marketing, Newsletters, Automation for WordPress & WooCommerce 5.7.20

  • Severity: critical
  • Status: Fixed
  • Publication: June 4, 2024

The Email Subscribers by Icegram Express plugin for WordPress has a security vulnerability that can be exploited by hackers. This flaw is found in all versions up to version 5.7.20. The vulnerability is caused by the plugin not properly handling user input and not having enough security measures in place. This allows unauthorized individuals to add their own malicious code to the existing code, giving them access to sensitive information stored in the database.

Detected in:

Email Subscribers & Newsletters – Powerful Email Marketing, Post Notification & Newsletter Plugin for WordPress & WooCommerce fixed vulnerable versions:
Email Subscribers by Icegram Express – Affordable, Powerful Email Marketing for WordPress & WooCommerce fixed vulnerable versions:
Email Subscribers by Icegram Express – Email Marketing, Newsletters, Automation for WordPress & WooCommerce fixed vulnerable versions:
Icegram Express – email subscribers, optin forms, newsletters and marketing automation for WordPress & WooCommerce fixed vulnerable versions:
Icegram Express formerly known as Email Subscribers – The Ultimate Email Marketing & Automation Plugin for WordPress fixed vulnerable versions:

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.