Filtered by vendor Icegram
Subscriptions
Filtered by product Icegram Express
Subscriptions
Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2022-45810 | 1 Icegram | 1 Icegram Express | 2023-11-14 | 9.8 Critical |
Improper Neutralization of Formula Elements in a CSV File vulnerability in Icegram Icegram Express – Email Marketing, Newsletters and Automation for WordPress & WooCommerce.This issue affects Icegram Express – Email Marketing, Newsletters and Automation for WordPress & WooCommerce: from n/a through 5.5.2. | ||||
CVE-2023-5414 | 1 Icegram | 1 Icegram Express | 2023-11-07 | 7.2 High |
The Icegram Express plugin for WordPress is vulnerable to Directory Traversal in versions up to, and including, 5.6.23 via the show_es_logs function. This allows administrator-level attackers to read the contents of arbitrary files on the server, which can contain sensitive information including those belonging to other sites, for example in shared hosting environments. |
Page 1 of 1.