cleantalk
Vulnerabilities and Security Researches

Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building, CVE-2016-10962

CVE, Research URL

CVE-2016-10962

Home page URL

Security reports for Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building

Application

Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building

Published on
Sep 16, 2019
Research Description
The icegram plugin before 1.9.19 for WordPress has CSRF via the wp-admin/edit.php option_name parameter.
Affected versions
Min -, max 1.9.19.
Status
vulnerable
Previous vulnerability researches
Icegram Collect – Easy Form, Lead Collection and Subscription plugin (CVE-2024-43273) , Aug 16, 2024
Icegram Collect – Easy Form, Lead Collection and Subscription plugin (CVE-2023-25024) , Jun 07, 2024
Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building (CVE-2016-10963) , Jun 07, 2024
Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building (CVE-2019-15830) , Jun 07, 2024
Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building (CVE-2023-52119) , Jun 07, 2024
New vulnerability
Badgearoo (CVE-2024-13828) , May 17, 2025
Melapress File Monitor (CVE-2024-10009) , May 17, 2025
Aptivada for WP (CVE-2025-48135) , May 17, 2025
Geocache Stat Bar Widget (CVE-2024-11266) , May 17, 2025
Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder (CVE-2024-13053) , May 17, 2025