On March 25th, 2024, during our second Bug Bounty Extravaganza, we received a submission for an unauthenticated SQL Injection vulnerability in Email Subscribers by Icegram Express, a WordPress plugin with more than 90, 000 active installations. This vulnerability can be leveraged to extract sensitive data from the database, …
$1,250 Bounty Awarded for Unauthenticated SQL Injection Vulnerability Patched in Email Subscribers by Icegram Express WordPress Plugin
Full Disclosure: This webpage may contain affiliate links, in which the website owner would receive a commission for purchases made. This does not affect your purchase cost.