cleantalk
Vulnerabilities and Security Researches

Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building, CVE-2024-43344

CVE, Research URL

CVE-2024-43344

Home page URL

Security reports for Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building

Application

Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building

Published on
Aug 18, 2024
Research Description
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Icegram allows Stored XSS.This issue affects Icegram: from n/a through 3.1.25.
Affected versions
Min -, max 3.1.26.
Status
vulnerable
Previous vulnerability researches
Icegram Collect – Easy Form, Lead Collection and Subscription plugin (CVE-2024-43273) , Aug 16, 2024
Icegram Collect – Easy Form, Lead Collection and Subscription plugin (CVE-2023-25024) , Jun 07, 2024
Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building (CVE-2016-10963) , Jun 07, 2024
Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building (CVE-2019-15830) , Jun 07, 2024
Icegram Engage – WordPress Lead Generation, Popup Builder, CTA, Optins and Email List Building (CVE-2023-52119) , Jun 07, 2024
New vulnerability
Badgearoo (CVE-2024-13828) , May 17, 2025
Melapress File Monitor (CVE-2024-10009) , May 17, 2025
Aptivada for WP (CVE-2025-48135) , May 17, 2025
Geocache Stat Bar Widget (CVE-2024-11266) , May 17, 2025
Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder (CVE-2024-13053) , May 17, 2025