Email Subscribers & Newsletters
Icegram
Developer
5.9.13
Latest version
60,000
Installations
No date
Last updated
Vulnerability history
0 present
28 fixed
10 Mitigation rules
- Missing Authentication to Unauthenticated Action Scheduler Task Execution vulnerability<= 5.9.10Dec 12, 2025
- Missing Authentication to Unauthenticated Mailing Queue Trigger vulnerability<= 5.9.10Nov 18, 2025
- PHP Object Injection vulnerability<= 5.9.10Nov 8, 2025
- Admin+ Stored XSS in Template vulnerability< 5.7.50Apr 25, 2025
- Admin+ Stored XSS vulnerability< 5.7.52Apr 17, 2025
- Admin+ Stored XSS vulnerability< 5.7.45Jan 13, 2025
- Admin+ SQL Injection vulnerability< 5.7.44Jan 6, 2025
- Authenticated (Subscriber+) Arbitrary Shortcode Execution vulnerability<= 5.7.34Oct 2, 2024
- Missing Authorization to Authenticated (Subscriber+) Sensitive Information Exposure vulnerability<= 5.7.34Sep 26, 2024
- Missing Authorization vulnerability<= 5.7.26Jul 17, 2024
- Unauthenticated SQL Injection vulnerability<= 5.7.25Jun 26, 2024
- Unauthenticated SQL Injection vulnerability<= 5.7.23Jun 20, 2024
- Authenticated (Subscriber+) SQL Injection Vulnerability via options[list_id] vulnerability<= 5.7.22Jun 12, 2024
- Unauthenticated SQL Injection via hash vulnerability<= 5.7.20Jun 5, 2024
- Missing Authorization in handle_ajax_request vulnerability<= 5.7.19May 15, 2024
- Unauthenticated SQL Injection vulnerability<= 5.7.14Apr 16, 2024
- Authenticated (Administrator+) Cross-Site Scripting via CSV import vulnerability<= 5.7.15Apr 8, 2024
- Broken Access Control vulnerability<= 5.7.13Apr 5, 2024
- Reflected Cross Site Scripting (XSS) vulnerability<= 5.7.11Mar 26, 2024
- Authenticated (Administrator+) Directory Traversal to Arbitrary File Read vulnerability<= 5.6.23Oct 12, 2023
- CSV Injection<= 5.5.2Feb 6, 2023
- Unauthenticated email forgery/spoofing vulnerability<= 4.5.5Sep 10, 2020
- Authenticated SQL injection (SQLi) vulnerability<= 4.5.0.1Jul 17, 2020
- Cross-Site Request Forgery (CSRF) vulnerability<= 4.5.0.1Jul 17, 2020
- Multiple security issues<= 4.2.2Nov 13, 2019
- Cross-Site Scripting (XSS) vulnerability<= 4.1.6Aug 14, 2019
- Missing Function Level Access Control vulnerability<= 3.4.7Jan 19, 2018
- Multiple Vulnerabilities<= 2.9Aug 10, 2015