Vulnerabilities > CVE-2022-1776 - Unspecified vulnerability in Icegram Popups, Welcome Bar, Optins and Lead Generation Plugin

CVSS 5.4 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

LOW

Integrity impact

LOW

Availability impact

NONE

network

low complexity

icegram

NVD

Published: 2022-06-27

Updated: 2024-11-21

Summary

The Popups, Welcome Bar, Optins and Lead Generation Plugin WordPress plugin before 2.1.8 does not sanitize and escape some campaign parameters, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks

Vulnerable Configurations

Part	Description	Count
Application	Icegram Icegram Popups, Welcome Bar, Optins AND Lead Generation Plugin *	1

References

https://wpscan.com/vulnerability/46ed56db-9b9d-4390-80fc-343a01fcc3c9
https://wpscan.com/vulnerability/46ed56db-9b9d-4390-80fc-343a01fcc3c9