cleantalk
Vulnerabilities and Security Researches

Icegram Collect – Easy Form, Lead Collection and Subscription plugin, CVE-2023-25024

CVE, Research URL

CVE-2023-25024

Home page URL

Security reports for Icegram Collect – Easy Form, Lead Collection and Subscription plugin

Application

Icegram Collect – Easy Form, Lead Collection and Subscription plugin

Published on
Apr 07, 2023
Research Description
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Icegram Icegram Collect plugin <= 1.3.8 versions.
Affected versions
Min -, max 1.3.9.
Status
vulnerable
Previous vulnerability researches
Icegram Collect &#8211; Easy Form, Lead Collection and Subscription plugin (CVE-2024-43273) , Aug 16, 2024
Icegram Collect &#8211; Easy Form, Lead Collection and Subscription plugin (CVE-2023-25024) , Jun 07, 2024
Icegram Engage &#8211; WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building (CVE-2016-10963) , Jun 07, 2024
Icegram Engage &#8211; WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building (CVE-2019-15830) , Jun 07, 2024
Icegram Engage &#8211; WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building (CVE-2023-52119) , Jun 07, 2024
New vulnerability
WP Google Review Slider (CVE-2024-11109) , May 17, 2025
Sailthru Triggermail (CVE-2024-11141) , May 17, 2025
LifterLMS &#8211; WordPress LMS Plugin for eLearning (CVE-2024-13619) , May 17, 2025
AHAthat Plugin (CVE-2024-11269) , May 17, 2025
WP ERP | Complete HR solution with recruitment &amp; job listings | WooCommerce CRM &amp; Accounting (CVE-2024-12812) , May 17, 2025