cleantalk
Vulnerabilities and Security Researches

Icegram Collect – Easy Form, Lead Collection and Subscription plugin, CVE-2023-25024

CVE, Research URL

CVE-2023-25024

Home page URL

Security reports for Icegram Collect – Easy Form, Lead Collection and Subscription plugin

Application

Icegram Collect – Easy Form, Lead Collection and Subscription plugin

Published on
Apr 07, 2023
Research Description
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Icegram Icegram Collect plugin <= 1.3.8 versions.
Affected versions
Min -, max 1.3.9.
Status
vulnerable
Previous vulnerability researches
Icegram Collect &#8211; Easy Form, Lead Collection and Subscription plugin (CVE-2024-43273) , Aug 16, 2024
Icegram Collect &#8211; Easy Form, Lead Collection and Subscription plugin (CVE-2023-25024) , Jun 07, 2024
New vulnerability
Simple Lightbox (CVE-2025-3516) , May 18, 2025
RS WP Book ShowCase &#8211; WordPress Book Gallery Plugin (Book Slider, Book Carousel, Book Grid, Book List)) (CVE-2025-48119) , May 18, 2025
ProfileGrid – User Profiles, Memberships, Groups and Communities (CVE-2025-48079) , May 18, 2025
Estatik Mortgage Calculator (CVE-2025-48136) , May 18, 2025
EventON (CVE-2025-48116) , May 18, 2025