Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

漏洞数据库 - AI 增强中文 CVE 平台 与情报

浏览 27+ 条来自 NVD 与 CNNVD 的 CVE 漏洞,配 AI 中文翻译、AI POC 生成、每日情报;可按厂商、产品、严重等级、CWE 检索。

Clear Filters
Found 27 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2026-1651 Email Subscribers & Newsletters <= 5.9.16 - Authenticated (Administrator+) SQL Injection via 'workflow_ids' Parameter icegramEmail Subscribers & Newsletters – Email Marketing, Post Notifications & Newsletter Plugin for WordPress Medium 6.5 2026-03-04 01:22:00 Deep Dive
CVE-2025-12348 Email Subscribers & Newsletters <= 5.9.10 - Missing Authentication to Unauthenticated Action Scheduler Task Execution icegramEmail Subscribers & Newsletters – Email Marketing, Post Notifications & Newsletter Plugin for WordPress Medium 5.3 2025-12-12 09:20:29 Deep Dive
CVE-2025-66055 WordPress Email Subscribers & Newsletters plugin <= 5.9.10 - PHP Object Injection vulnerability IcegramEmail Subscribers & Newsletters 中危 -2025-11-21 12:29:54 Deep Dive
CVE-2025-12349 Email Subscribers & Newsletters <= 5.9.10 - Missing Authentication to Unauthenticated Mailing Queue Trigger icegramEmail Subscribers & Newsletters – Email Marketing, Post Notifications & Newsletter Plugin for WordPress Medium 5.3 2025-11-19 04:28:19 Deep Dive
CVE-2024-11924 Email Subscribers < 5.7.52 - Admin+ Stored XSS UnknownIcegram Express formerly known as Email Subscribers 低危 -2025-04-17 06:00:08 Deep Dive
CVE-2024-12568 Email Subscribers < 5.7.45 - Admin+ Stored XSS UnknownEmail Subscribers by Icegram Express 中危 -2025-01-13 06:00:11 Deep Dive
CVE-2024-12567 Email Subscribers < 5.7.45 - Admin+ Stored XSS UnknownEmail Subscribers by Icegram Express 中危 -2025-01-13 06:00:10 Deep Dive
CVE-2024-12566 Email Subscribers < 5.7.45 - Admin+ Stored XSS UnknownEmail Subscribers by Icegram Express 中危 -2025-01-13 06:00:08 Deep Dive
CVE-2024-11636 Email Subscribers < 5.7.45 - Admin+ Stored XSS UnknownEmail Subscribers by Icegram Express 中危 -2025-01-13 06:00:01 Deep Dive
CVE-2024-12311 Email Subscribers < 5.7.44 - Admin+ SQL Injection UnknownEmail Subscribers by Icegram Express 中危 -2025-01-06 06:00:16 Deep Dive
CVE-2024-8254 Email Subscribers by Icegram Express – Email Marketing, Newsletters, Automation for WordPress & WooCommerce <= 5.7.34 - Authenticated (Subscriber+) Arbitrary Shortcode Execution icegramEmail Subscribers & Newsletters – Email Marketing, Post Notifications & Newsletter Plugin for WordPress Medium 5.4 2024-10-02 06:46:02 Deep Dive
CVE-2024-8771 Email Subscribers by Icegram Express – Email Marketing, Newsletters, Automation for WordPress & WooCommerce <= 5.7.34 - Missing Authorization to Authenticated (Subscriber+) Sensitive Information Exposure icegramEmail Subscribers & Newsletters – Email Marketing, Post Notifications & Newsletter Plugin for WordPress Medium 4.3 2024-09-26 15:30:34 Deep Dive
CVE-2024-5703 Icegram Express - Email Subscribers, Newsletters and Marketing Automation Plugin <= 5.7.26 - Missing Authorization icegramEmail Subscribers & Newsletters – Email Marketing, Post Notifications & Newsletter Plugin for WordPress Medium 4.3 2024-07-17 07:32:19 Deep Dive
CVE-2024-6172 Email Subscribers by Icegram Express – Email Marketing, Newsletters, Automation for WordPress & WooCommerce <= 5.7.25 - Unauthenticated SQL Injection via unsubscribe icegramEmail Subscribers & Newsletters – Email Marketing, Post Notifications & Newsletter Plugin for WordPress Critical 9.8 2024-07-02 06:49:43 Deep Dive
CVE-2024-37252 WordPress Email Subscribers by Icegram Express plugin <= 5.7.25 - SQL Injection vulnerability IcegramEmail Subscribers & Newsletters Critical 9.3 2024-06-26 10:13:48 Deep Dive
CVE-2024-5756 Icegram Express - Email Subscribers, Newsletters and Marketing Automation Plugin <= 5.7.23 - Unauthenticated SQL Injection via optin icegramEmail Subscribers & Newsletters – Email Marketing, Post Notifications & Newsletter Plugin for WordPress Critical 9.8 2024-06-21 04:34:11 Deep Dive
CVE-2024-4845 Icegram Express <= 5.7.22 - Authenticated (Subscriber+) SQL Injection Vulnerability via options[list_id] icegramEmail Subscribers & Newsletters – Email Marketing, Post Notifications & Newsletter Plugin for WordPress High 8.8 2024-06-12 09:33:12 Deep Dive
CVE-2024-4295 Email Subscribers by Icegram Express <= 5.7.20 - Unauthenticated SQL Injection via hash icegramEmail Subscribers & Newsletters – Email Marketing, Post Notifications & Newsletter Plugin for WordPress Critical 9.8 2024-06-05 05:33:06 Deep Dive
CVE-2024-3626 Email Subscribers by Icegram Express – Email Marketing, Newsletters, Automation for WordPress & WooCommerce <= 5.7.17 - Missing Authorization icegramEmail Subscribers & Newsletters – Email Marketing, Post Notifications & Newsletter Plugin for WordPress Medium 4.3 2024-05-23 05:32:15 Deep Dive
CVE-2024-4010 Email Subscribers by Icegram Express <= 5.7.19 - Missing Authorization in handle_ajax_request icegramEmail Subscribers & Newsletters – Email Marketing, Post Notifications & Newsletter Plugin for WordPress High 8.8 2024-05-15 08:34:13 Deep Dive