Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
WordPress Plugin Email Subscribers by Icegram Express-Email Marketing Newsletters Automation for WordPress WooCommerce Directory Traversal - CVE-2023-5414 - Vulnerability Database
WP Plugin Email Subscribers

WordPress Plugin Email Subscribers by Icegram Express-Email Marketing Newsletters Automation for WordPress WooCommerce Directory Traversal - CVE-2023-5414

Critical
Reference: CVE-2023-5414
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2023-5414
Title: WordPress Plugin Email Subscribers by Icegram Express-Email Marketing Newsletters Automation for WordPress WooCommerce Directory Traversal
Overview:

WordPress Plugin Email Subscribers by Icegram Express-Email Marketing Newsletters Automation for WordPress WooCommerce is prone to a directory traversal vulnerability because it fails to sufficiently verify user-supplied input. Exploiting this issue can allow an attacker to obtain sensitive information that could aid in further attacks. WordPress Plugin Email Subscribers by Icegram Express-Email Marketing Newsletters Automation for WordPress WooCommerce version 5.6.23 is vulnerable prior versions may also be affected.