CVE-2025-49917 | Icegram Express Pro Plugin up to 5.9.5 on WordPress server-side request forgery

October 22, 2025 Yanac

A vulnerability was found in Icegram Express Pro Plugin up to 5.9.5 on WordPress. It has been classified as critical. Impacted is an unknown function. The manipulation leads to server-side request forgery.

This vulnerability is documented as CVE-2025-49917. The attack can be initiated remotely. There is not any exploit available.VulDB Recent EntriesRead More

CVE-2025-49060 | CMSSuperHeroes Wastia Plugin up to 1.1.3 on WordPress unrestricted upload
CVE-2025-49908 | WPClever WPC Countdown Timer for WooCommerce Plugin up to 3.1.4 on WordPress cross site scripting