VYPR

Icegram

by WordPress

Source repositories

CVEs (10)

  • CVE-2025-68507MedJan 22, 2026
    risk 0.42cvss 6.5epss 0.00

    Missing Authorization vulnerability in Icegram Icegram icegram allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Icegram: from n/a through <= 3.1.35.

  • CVE-2025-24542MedJan 24, 2025
    risk 0.42cvss 6.5epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Icegram Icegram icegram allows Stored XSS.This issue affects Icegram: from n/a through <= 3.1.31.

  • CVE-2024-43344MedAug 18, 2024
    risk 0.42cvss 6.5epss 0.00

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Icegram allows Stored XSS.This issue affects Icegram: from n/a through 3.1.25.

  • CVE-2016-10962MedSep 16, 2019
    risk 0.42cvss 6.5epss 0.01

    The icegram plugin before 1.9.19 for WordPress has CSRF via the wp-admin/edit.php option_name parameter.

  • CVE-2016-10963MedSep 16, 2019
    risk 0.40cvss 6.1epss 0.01

    The icegram plugin before 1.9.19 for WordPress has XSS.

  • CVE-2019-15830MedAug 30, 2019
    risk 0.35cvss 5.4epss 0.01

    The icegram plugin before 1.10.29 for WordPress has ig_cat_list XSS.

  • CVE-2024-39625MedNov 1, 2024
    risk 0.34cvss 5.3epss 0.00

    Missing Authorization vulnerability in icegram Icegram allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Icegram: from n/a through 3.1.24.

  • CVE-2024-43272MedAug 19, 2024
    risk 0.34cvss 5.3epss 0.00

    Missing Authentication for Critical Function vulnerability in icegram Icegram allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Icegram: from n/a through 3.1.24.

  • CVE-2021-36832MedOct 19, 2021
    risk 0.31cvss 4.8epss 0.01

    WordPress Popups, Welcome Bar, Optins and Lead Generation Plugin – Icegram (versions <= 2.0.2) vulnerable at "Headline" (&message_data[16][headline]) input.

  • CVE-2024-21748Jun 8, 2024
    risk 0.00cvss epss 0.00

    Missing Authorization vulnerability in Icegram.This issue affects Icegram: from n/a through 3.1.21.