Vulnerabilities and security researches foricegram icegram

Direction: descending

May 16, 2025

Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building # CVE-2024-13482

CVE, Research URL: CVE-2024-13482
Home page URL: Security reports for Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building
Application: Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building
Date: May 16, 2025
Research Description: The Icegram Engage WordPress plugin before 3.1.32 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).
Affected versions: Min -, max -.
Status: vulnerable

Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building # CVE-2024-13486

CVE, Research URL: CVE-2024-13486
Home page URL: Security reports for Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building
Application: Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building
Date: May 16, 2025
Research Description: The Icegram Engage WordPress plugin before 3.1.32 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).
Affected versions: Min -, max -.
Status: vulnerable

Jan 26, 2025

Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building # CVE-2025-24542

CVE, Research URL: CVE-2025-24542
Home page URL: Security reports for Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building
Application: Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building
Date: Jan 24, 2025
Research Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in icegram Icegram allows Stored XSS. This issue affects Icegram: from n/a through 3.1.31.
Affected versions: Min -, max -.
Status: vulnerable

Jan 07, 2025

Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building # CVE-2024-12302

CVE, Research URL: CVE-2024-12302
Home page URL: Security reports for Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building
Application: Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building
Date: Jan 06, 2025
Research Description: The Icegram Engage WordPress plugin before 3.1.32 does not sanitise and escape some of its Campaign settings, which could allow authors and above to perform Stored Cross-Site Scripting attacks
Affected versions: Min -, max -.
Status: vulnerable

Aug 19, 2024

Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building # CVE-2024-43344

CVE, Research URL: CVE-2024-43344
Home page URL: Security reports for Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building
Application: Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building
Date: Aug 18, 2024
Research Description: Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Icegram allows Stored XSS.This issue affects Icegram: from n/a through 3.1.25.
Affected versions: Min -, max -.
Status: vulnerable

Aug 15, 2024

Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building # CVE-2024-43272

CVE, Research URL: CVE-2024-43272
Home page URL: Security reports for Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building
Application: Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building
Date: -
Research Description: Icegram Engage – Ultimate WP Popup Builder, Lead Generation, Optins, and CTA [icegram] < 3.1.25 CVE-2024-43272
Affected versions: Min -, max -.
Status: vulnerable

Jul 26, 2024

Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building # CVE-2024-39625

CVE, Research URL: CVE-2024-39625
Home page URL: Security reports for Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building
Application: Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building
Date: Nov 01, 2024
Research Description: Missing Authorization vulnerability in icegram Icegram allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Icegram: from n/a through 3.1.24.
Affected versions: Min -, max -.
Status: vulnerable

Jun 10, 2024

Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building # CVE-2024-21748

CVE, Research URL: CVE-2024-21748
Home page URL: Security reports for Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building
Application: Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building
Date: Jun 08, 2024
Research Description: Missing Authorization vulnerability in Icegram.This issue affects Icegram: from n/a through 3.1.21.
Affected versions: Min -, max -.
Status: vulnerable

Jun 07, 2024

Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building # CVE-2016-10963

CVE, Research URL: CVE-2016-10963
Home page URL: Security reports for Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building
Application: Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building
Date: Sep 16, 2019
Research Description: The icegram plugin before 1.9.19 for WordPress has XSS.
Affected versions: Min -, max -.
Status: vulnerable

Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building # CVE-2019-15830

CVE, Research URL: CVE-2019-15830
Home page URL: Security reports for Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building
Application: Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building
Date: Aug 30, 2019
Research Description: The icegram plugin before 1.10.29 for WordPress has ig_cat_list XSS.
Affected versions: Min -, max -.
Status: vulnerable

Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building # CVE-2023-52119

CVE, Research URL: CVE-2023-52119
Home page URL: Security reports for Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building
Application: Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building
Date: Jan 05, 2024
Research Description: Cross-Site Request Forgery (CSRF) vulnerability in Icegram Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building.This issue affects Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building: from n/a through 3.1.18.
Affected versions: Min -, max -.
Status: vulnerable

Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building # CVE-2023-2398

CVE, Research URL: CVE-2023-2398
Home page URL: Security reports for Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building
Application: Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building
Date: Jun 12, 2023
Research Description: The Icegram Engage WordPress plugin before 3.1.12 does not escape a parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin
Affected versions: Min -, max -.
Status: vulnerable

Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building # CVE-2022-1776

CVE, Research URL: CVE-2022-1776
Home page URL: Security reports for Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building
Application: Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building
Date: Jun 27, 2022
Research Description: The Popups, Welcome Bar, Optins and Lead Generation Plugin WordPress plugin before 2.1.8 does not sanitize and escape some campaign parameters, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks
Affected versions: Min -, max -.
Status: vulnerable

Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building # CVE-2021-36832

CVE, Research URL: CVE-2021-36832
Home page URL: Security reports for Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building
Application: Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building
Date: Oct 19, 2021
Research Description: WordPress Popups, Welcome Bar, Optins and Lead Generation Plugin – Icegram (versions <= 2.0.2) vulnerable at "Headline" (&message_data[16][headline]) input.
Affected versions: Min -, max -.
Status: vulnerable

Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building # CVE-2021-24941

CVE, Research URL: CVE-2021-24941
Home page URL: Security reports for Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building
Application: Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building
Date: Dec 21, 2021
Research Description: The Popups, Welcome Bar, Optins and Lead Generation Plugin WordPress plugin before 2.0.5 does not sanitise and escape the message_id parameter of the get_message_action_row AJAX action before outputting it back in an attribute, leading to a reflected Cross-Site Scripting issue
Affected versions: Min -, max -.
Status: vulnerable

Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building # CVE-2016-10962

CVE, Research URL: CVE-2016-10962
Home page URL: Security reports for Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building
Application: Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building
Date: Sep 16, 2019
Research Description: The icegram plugin before 1.9.19 for WordPress has CSRF via the wp-admin/edit.php option_name parameter.
Affected versions: Min -, max -.
Status: vulnerable

Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building # CVE-2023-51532

CVE, Research URL: CVE-2023-51532
Home page URL: Security reports for Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building
Application: Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building
Date: Feb 01, 2024
Research Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Icegram Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building allows Stored XSS.This issue affects Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building: from n/a through 3.1.19.
Affected versions: Min -, max -.
Status: vulnerable

Vulnerabilities and security researches foricegram icegram

Icegram Engage &#8211; WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building # CVE-2024-13482

Icegram Engage &#8211; WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building # CVE-2024-13486

Icegram Engage &#8211; WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building # CVE-2025-24542

Icegram Engage &#8211; WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building # CVE-2024-12302

Icegram Engage &#8211; WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building # CVE-2024-43344

Icegram Engage &#8211; WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building # CVE-2024-43272

Icegram Engage &#8211; WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building # CVE-2024-39625

Icegram Engage &#8211; WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building # CVE-2024-21748

Icegram Engage &#8211; WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building # CVE-2016-10963

Icegram Engage &#8211; WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building # CVE-2019-15830

Icegram Engage &#8211; WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building # CVE-2023-52119

Icegram Engage &#8211; WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building # CVE-2023-2398

Icegram Engage &#8211; WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building # CVE-2022-1776

Icegram Engage &#8211; WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building # CVE-2021-36832

Icegram Engage &#8211; WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building # CVE-2021-24941

Icegram Engage &#8211; WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building # CVE-2016-10962

Icegram Engage &#8211; WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building # CVE-2023-51532

Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building # CVE-2024-13482

Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building # CVE-2024-13486

Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building # CVE-2025-24542

Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building # CVE-2024-12302

Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building # CVE-2024-43344

Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building # CVE-2024-43272

Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building # CVE-2024-39625

Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building # CVE-2024-21748

Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building # CVE-2016-10963

Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building # CVE-2019-15830

Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building # CVE-2023-52119

Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building # CVE-2023-2398

Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building # CVE-2022-1776

Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building # CVE-2021-36832

Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building # CVE-2021-24941

Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building # CVE-2016-10962

Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building # CVE-2023-51532