Description
WordPress Plugin Popups, Welcome Bar, Optins and Lead Generation-Icegram is prone to a cross-site request forgery vulnerability. Exploiting this issue may allow a remote attacker to perform certain administrative actions and gain unauthorized access to the affected application; other attacks are also possible. WordPress Plugin Popups, Welcome Bar, Optins and Lead Generation-Icegram version 1.9.18 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 1.9.19 or latest
References
Related Vulnerabilities
WordPress Plugin WP Google Maps Cross-Site Request Forgery (7.11.27)
Contao Improper Privilege Management Vulnerability (CVE-2021-37627)
WordPress Plugin WordPress Popular Posts Cross-Site Scripting (5.3.5)
WordPress 3.9.2 Multiple Vulnerabilities (3.9 - 3.9.2)
WordPress Plugin Country State City Dropdown CF7 Security Bypass (2.7.1)