WordPress Plugin Email Subscribers by Icegram Express-Email Marketing Newsletters Automation for WordPress WooCommerce Multiple Vulnerabilities - CVE-2019-19984

WordPress Plugin Email Subscribers by Icegram Express-Email Marketing Newsletters Automation for WordPress WooCommerce is prone to multiple vulnerabilities including security bypass cross-site request forgery and information disclosure vulnerabilities. Exploiting these issues could allow an attacker to perform otherwise restricted actions and subsequently modify settings to perform certain administrative actions and gain unauthorized access to the affected application or to obtain sensitive information which could aid in launching further attacks. WordPress Plugin Email Subscribers by Icegram Express-Email Marketing Newsletters Automation for WordPress WooCommerce version 4.2.2 is vulnerable prior versions may also be affected.