Icegram Icegram_engage

10 CVEs affecting Icegram Icegram_engage. Latest disclosed: 2025-05-15. Critical: 0, High: 0.

Top CVEs affecting Icegram Icegram_engage
CVESeverityScorePublishedSummary
CVE-2023-51532Medium6.52024-02-01Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Icegram Icegram Engage – WordPress Lead Generation, Popup…
CVE-2016-10962Medium6.52019-09-16The icegram plugin before 1.9.19 for WordPress has CSRF via the wp-admin/edit.php option_name parameter.
CVE-2024-12302Medium6.12025-01-06The Icegram Engage WordPress plugin before 3.1.32 does not sanitise and escape some of its Campaign settings, which could allow authors and above to perform S…
CVE-2023-2398Medium6.12023-06-12The Icegram Engage WordPress plugin before 3.1.12 does not escape a parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scri…
CVE-2016-10963Medium6.12019-09-16The icegram plugin before 1.9.19 for WordPress has XSS.
CVE-2019-15830Medium5.42019-08-30The icegram plugin before 1.10.29 for WordPress has ig_cat_list XSS.
CVE-2024-13486Medium4.82025-05-15The Icegram Engage WordPress plugin before 3.1.32 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to p…
CVE-2024-13482Medium4.82025-05-15The Icegram Engage WordPress plugin before 3.1.32 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to p…
CVE-2021-36832Medium4.82021-10-19WordPress Popups, Welcome Bar, Optins and Lead Generation Plugin – Icegram (versions <= 2.0.2) vulnerable at "Headline" (&message_data[16][headline]) input.
CVE-2023-52119Medium4.32024-01-05Cross-Site Request Forgery (CSRF) vulnerability in Icegram Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building.This…