Description
WordPress Plugin Email Subscribers by Icegram Express-Email Marketing, Newsletters, Automation for WordPress & WooCommerce is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions. WordPress Plugin Email Subscribers by Icegram Express-Email Marketing, Newsletters, Automation for WordPress & WooCommerce version 5.7.13 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 5.7.14 or latest
References
Related Vulnerabilities
Jboss EAP XML Injection (aka Blind XPath Injection) Vulnerability (CVE-2018-1000632)
Oracle Application Server CVE-2008-1814 Vulnerability (CVE-2008-1814)
WordPress Plugin BuddyPress Unspecified Vulnerability (2.6.0)
WordPress Plugin ALO EasyMail Newsletter Multiple Cross-Site Scripting Vulnerabilities (2.4.7)
WordPress Plugin Analyticator Cross-Site Request Forgery (6.4.9.3)