Icegram Express – Email Marketing, Newsletters and Automation for WordPress & WooCommerce, CVE-2019-19984
- CVE, Research URL
- Home page URL
- Application
-
Icegram Express – Email Marketing, Newsletters and Automation for WordPress & WooCommerce
- Published on
- Dec 26, 2019
- Research Description
- The WordPress plugin, Email Subscribers & Newsletters, before 4.2.3 had a flaw that allowed users with edit_post capabilities to manage plugin settings and email campaigns.
- Affected versions
-
Min -, max 4.2.3.
- Status
-
vulnerable