cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2022-1776,https://securityvulnerability.io/vulnerability/CVE-2022-1776,Icegram < 2.1.8 - Contributor+ Stored Cross-Site Scripting,"The Popups, Welcome Bar, Optins and Lead Generation Plugin WordPress plugin before 2.1.8 does not sanitize and escape some campaign parameters, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks",Wordpress,"Popups, Welcome Bar, Optins And Lead Generation Plugin – Icegram",5.4,MEDIUM,0.000539999979082495,false,,false,false,false,,false,false,2022-06-27T08:57:34.000Z,0
CVE-2021-24941,https://securityvulnerability.io/vulnerability/CVE-2021-24941,Icegram < 2.0.5 - Reflected Cross-Site Scripting,"The Popups, Welcome Bar, Optins and Lead Generation Plugin WordPress plugin before 2.0.5 does not sanitise and escape the message_id parameter of the get_message_action_row AJAX action before outputting it back in an attribute, leading to a reflected Cross-Site Scripting issue",Wordpress,"Popups, Welcome Bar, Optins And Lead Generation Plugin – Icegram",6.1,MEDIUM,0.0007999999797903001,false,,false,false,false,,false,false,2021-12-21T08:45:37.000Z,0
CVE-2021-36832,https://securityvulnerability.io/vulnerability/CVE-2021-36832,WordPress Icegram plugin <= 2.0.2 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability,"WordPress Popups, Welcome Bar, Optins and Lead Generation Plugin – Icegram (versions <= 2.0.2) vulnerable at ""Headline"" (&message_data[16][headline]) input.",Wordpress,"Popups, Welcome Bar, Optins And Lead Generation Plugin – Icegram",4.8,MEDIUM,0.0005000000237487257,false,,false,false,false,,false,false,2021-10-19T15:15:00.000Z,0