VYPR

Icegram Email Subscribers & Newsletters

by WordPress

CVEs (3)

  • CVE-2020-5767MedJul 17, 2020
    risk 0.42cvss 6.5epss 0.01

    Cross-site request forgery in Icegram Email Subscribers & Newsletters Plugin for WordPress v4.4.8 allows a remote attacker to send forged emails by tricking legitimate users into clicking a crafted link.

  • CVE-2020-5780MedSep 10, 2020
    risk 0.35cvss 5.3epss 0.02

    Missing Authentication for Critical Function in Icegram Email Subscribers & Newsletters Plugin for WordPress prior to version 4.5.6 allows a remote, unauthenticated attacker to conduct unauthenticated email forgery/spoofing.

  • CVE-2020-5768MedJul 17, 2020
    risk 0.32cvss 4.9epss 0.02

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in Icegram Email Subscribers & Newsletters Plugin for WordPress v4.4.8 allows a remote, authenticated attacker to determine the value of database fields.