$1,250 Bounty Awarded for Unauthenticated SQL Injection Vulnerability Patched in Email Subscribers by Icegram Express WordPress Plugin | allinfosecnews.com

April 15, 2024, 3 p.m. | István Márton

Wordfence www.wordfence.com

On March 25th, 2024, during our second Bug Bounty Extravaganza, we received a submission for an unauthenticated SQL Injection vulnerability in Email Subscribers by Icegram Express, a WordPress plugin with more than 90,000 active installations. This vulnerability can be leveraged to extract sensitive data from the database, such as password hashes. Props to Arkadiusz Hydzik ...
Read More

The post $1,250 Bounty Awarded for Unauthenticated SQL Injection Vulnerability Patched in Email Subscribers by Icegram Express WordPress Plugin appeared first on …

bounty bug bug bounty can email express extract injection march plugin research sensitive sql sql injection sql injection vulnerability submission subscribers unauthenticated vulnerabilities vulnerability wordpress wordpress plugin wordpress security

More from www.wordfence.com / Wordfence

The Wordfence Affiliate Program Officially Launches Today 2 days, 17 hours ago | www.wordfence.com

advocates affiliate clients community +12

Wordfence Intelligence Weekly WordPress Vulnerability Report (May 6, 2024 to May 12, 2024) 2 days, 19 hours ago | www.wordfence.com

bounty bug bug bounty disclosure +16

30,000 WordPress Sites affected by Arbitrary SQL Execution Vulnerability Patched in Visualizer WordPress Plugin 3 days, 17 hours ago | www.wordfence.com

plugin research sql vulnerabilities +6

Revolutionizing WordPress Bug Bounty and Security: Latest Enhancements to the Wordfence Bug Bounty Program 4 days, 17 hours ago | www.wordfence.com

bounties bounty bug bug bounty +15

Wordfence Intelligence Weekly WordPress Vulnerability Report (April 29, 2024 to May 5, 2024) 1 week, 2 days ago | www.wordfence.com

april bounty bug bug bounty +17

$563 Bounty Awarded for Reflected Cross-Site Scripting Vulnerability Patched in Yoast SEO WordPress Plugin 1 week, 5 days ago | www.wordfence.com

april bounty bug bug bounty +17

Wordfence Intelligence Weekly WordPress Vulnerability Report (April 22, 2024 to April 28, 2024) 2 weeks, 2 days ago | www.wordfence.com

april bounty bug bug bounty +16

$197 Bounty Awarded for Unauthenticated Arbitrary Post Deletion Vulnerability Patched in LeadConnector WordPress Plugin 2 weeks, 5 days ago | www.wordfence.com

bounty bug bug bounty deletion +16

Wordfence Intelligence Weekly WordPress Vulnerability Report (April 15, 2024 to April 21, 2024) 3 weeks, 2 days ago | www.wordfence.com

april bounty bug bug bounty +17

Information Security Engineers

@ D. E. Shaw Research | New York City

View on infosec-jobs.com

Technology Security Analyst

@ Halton Region | Oakville, Ontario, Canada

View on infosec-jobs.com

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA

View on infosec-jobs.com

Senior - Penetration Tester

@ Deloitte | Madrid, España

View on infosec-jobs.com

Associate Cyber Incident Responder

@ Highmark Health | PA, Working at Home - Pennsylvania

View on infosec-jobs.com

Senior Insider Threat Analyst

@ IT Concepts Inc. | Woodlawn, Maryland, United States

View on infosec-jobs.com