Did not find Icegram on WordPress?
If you try to download / search for Icegram on WordPress plugins repository, you get an error saying:
“We couldn’t find that plugin. Maybe you were looking for one of these?”
Why is Icegram not showing on WordPress?
Yorick Koster from Securify reported an XSS vulnerability in Icegram 11th July. This Cross-Site Request Forgery allows an attacker to overwrite any WordPress option with the value true.
It’s a rare case situation, but since this is about security, we don’t take it lightly.
The plugin was deactivated from the WordPress plugins repository – so people do not get the problematic version.
This is the reason why you can’t download Icegram from WordPress currently.
Is it fixed?
Yes. We submitted a fix for this particular issue on same day. Based on Ipstenu’s feedback, we also submitted additional changes to increase security in other areas too.