all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

$1,250 Bounty Awarded for Unauthenticated SQL Injection Vulnerability Patched in Email Subscribers by Icegram Express WordPress Plugin

Add to bookmarks
April 15, 2024, 3 p.m. | István Márton

Wordfence www.wordfence.com

On March 25th, 2024, during our second Bug Bounty Extravaganza, we received a submission for an unauthenticated SQL Injection vulnerability in Email Subscribers by Icegram Express, a WordPress plugin with more than 90,000 active installations. This vulnerability can be leveraged to extract sensitive data from the database, such as password hashes. Props to Arkadiusz Hydzik ...
Read More


The post $1,250 Bounty Awarded for Unauthenticated SQL Injection Vulnerability Patched in Email Subscribers by Icegram Express WordPress Plugin appeared first on …

bounty bug bug bounty can email express extract injection march plugin research sensitive sql sql injection sql injection vulnerability submission subscribers unauthenticated vulnerabilities vulnerability wordpress wordpress plugin wordpress security

Visit resource

More from www.wordfence.com / Wordfence

$197 Bounty Awarded for Unauthenticated Arbitrary Post Deletion Vulnerability Patched in LeadConnector WordPress Plugin 2 days, 16 hours ago | www.wordfence.com
bounty bug bug bounty deletion +16
Wordfence Intelligence Weekly WordPress Vulnerability Report (April 15, 2024 to April 21, 2024) 6 days, 16 hours ago | www.wordfence.com
april bounty bug bug bounty +17
$493 Bounty Awarded for Arbitrary Options Update Vulnerability Patched in WP Datepicker WordPress Plugin 1 week, 1 day ago | www.wordfence.com
april bounty bug bug bounty +16
$2,063 Bounty Awarded for Privilege Escalation Vulnerability Patched in User Registration WordPress Plugin 1 week, 5 days ago | www.wordfence.com
bounty bug bug bounty disclosure +18
Wordfence Intelligence Weekly WordPress Vulnerability Report (April 8, 2024 to April 14, 2024) 1 week, 6 days ago | www.wordfence.com
april bounty bug bug bounty +17
$400 Bounty Awarded for SQL Injection Vulnerability Patched in WP Activity Log Premium WordPress Plugin 2 weeks ago | www.wordfence.com
activity log bounty bug bug bounty +21
$1,250 Bounty Awarded for Unauthenticated SQL Injection Vulnerability Patched in Email Subscribers by Icegram Express … 2 weeks, 2 days ago | www.wordfence.com
bounty bug bug bounty can +19
Wordfence Intelligence Weekly WordPress Vulnerability Report (April 1, 2024 to April 7, 2024) 2 weeks, 6 days ago | www.wordfence.com
april bounty bug bug bounty +17
Unauthenticated Stored Cross-Site Scripting Vulnerability Patched in WordPress Core 3 weeks ago | www.wordfence.com
april block bug cross-site +13

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote
View on infosec-jobs.com

Application Security Engineer - Remote Friendly

@ Unit21 | San Francisco,CA; New York City; Remote USA;
View on infosec-jobs.com

Cloud Security Specialist

@ AppsFlyer | Herzliya
View on infosec-jobs.com

Malware Analysis Engineer - Canberra, Australia

@ Apple | Canberra, Australian Capital Territory, Australia
View on infosec-jobs.com

Product CISO

@ Fortinet | Sunnyvale, CA, United States
View on infosec-jobs.com

Manager, Security Engineering

@ Thrive | United States - Remote
View on infosec-jobs.com
View more jobs