Versio.io

CVE-2021-24867

Common vulnerabilities & exposures (CVE)

CVE databaseCVE database blogpostRelease & EoL database
 
Published at: - 21-02-2022 12:15
Last modified: - 02-03-2022 07:03
Total changes: - 3

Description

Numerous Plugins and Themes from the AccessPress Themes (aka Access Keys) vendor are backdoored due to their website being compromised. Only plugins and themes downloaded via the vendor website are affected, and those hosted on wordpress.org are not. However, all of them were updated or removed to avoid any confusion

Common Vulnerability Scoring System (CVSS)

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Low
Attack complexity
Network
Attack vector
High
Availability
High
Confidentiality
High
Integrity
None
Privileges required
Unchanged
Scope
None
User interaction
9.8
Base score
3.9
5.9
Exploitability score
Impact score
 

Verification logic

OR
vendor=accesspressthemes AND product=accessbuddy AND version=1.0.0 AND target_software=wordpress
vendor=accesspressthemes AND product=accesspress_anonymous_post AND version=2.8.0 AND target_software=wordpress
vendor=accesspressthemes AND product=accesspress_basic AND version=3.2.1 AND target_software=wordpress
vendor=accesspressthemes AND product=accesspress_custom_css AND version=2.0.1 AND target_software=wordpress
vendor=accesspressthemes AND product=accesspress_custom_post_type AND version=1.0.8 AND target_software=wordpress
vendor=accesspressthemes AND product=accesspress_ifeeds AND version=4.0.3 AND target_software=wordpress
vendor=accesspressthemes AND product=accesspress_lite AND version=2.92 AND target_software=wordpress
vendor=accesspressthemes AND product=accesspress_mag AND version=2.6.5 AND target_software=wordpress
vendor=accesspressthemes AND product=accesspress_parallax AND version=4.5 AND target_software=wordpress
vendor=accesspressthemes AND product=accesspress_ray AND version=1.19.5 AND target_software=wordpress
vendor=accesspressthemes AND product=accesspress_root AND version=2.5 AND target_software=wordpress
vendor=accesspressthemes AND product=accesspress_social_counter AND version=1.9.1 AND target_software=wordpress
vendor=accesspressthemes AND product=accesspress_social_icons AND version=1.8.2 AND target_software=wordpress
vendor=accesspressthemes AND product=accesspress_social_login_lite AND version=3.4.7 AND target_software=wordpress
vendor=accesspressthemes AND product=accesspress_social_share AND version=4.5.5 AND target_software=wordpress
vendor=accesspressthemes AND product=accesspress_staple AND version=1.9.1 AND target_software=wordpress
vendor=accesspressthemes AND product=accesspress_store AND version=2.4.9 AND target_software=wordpress
vendor=accesspressthemes AND product=agency_lite AND version=1.1.6 AND target_software=wordpress
vendor=accesspressthemes AND product=ap_companion AND target_software=wordpress AND versionEndExcluding=1.0.7
vendor=accesspressthemes AND product=ap_contact_form AND version=1.0.6 AND target_software=wordpress
vendor=accesspressthemes AND product=ap_custom_testimonial AND version=1.4.6 AND target_software=wordpress
vendor=accesspressthemes AND product=ap_mega_menu AND version=3.0.5 AND target_software=wordpress
vendor=accesspressthemes AND product=ap_pricing_tables_lite AND version=1.1.2 AND target_software=wordpress
vendor=accesspressthemes AND product=apex_notification_bar_lite AND version=2.0.4 AND target_software=wordpress
vendor=accesspressthemes AND product=aplite AND version=1.0.6 AND target_software=wordpress
vendor=accesspressthemes AND product=badge_designer_lite_for_woocommerce AND version=1.1.0 AND target_software=wordpress
vendor=accesspressthemes AND product=bingle AND version=1.0.4 AND target_software=wordpress
vendor=accesspressthemes AND product=bloger AND version=1.2.6 AND target_software=wordpress
vendor=accesspressthemes AND product=comments_disable_-_accesspress AND version=1.0.7 AND target_software=wordpress
vendor=accesspressthemes AND product=construction_lite AND version=1.2.5 AND target_software=wordpress
vendor=accesspressthemes AND product=doko AND version=1.0.27 AND target_software=wordpress
vendor=accesspressthemes AND product=easy_side_tab AND version=1.0.7 AND target_software=wordpress
vendor=accesspressthemes AND product=enlighten AND version=1.3.5 AND target_software=wordpress
vendor=accesspressthemes AND product=everest_admin_theme_lite AND version=1.0.7 AND target_software=wordpress
vendor=accesspressthemes AND product=everest_coming_soon_lite AND version=1.1.0 AND target_software=wordpress
vendor=accesspressthemes AND product=everest_comment_rating_lite AND version=2.0.4 AND target_software=wordpress
vendor=accesspressthemes AND product=everest_counter_lite AND version=2.0.7 AND target_software=wordpress
vendor=accesspressthemes AND product=everest_faq_manager_lite AND version=1.0.8 AND target_software=wordpress
vendor=accesspressthemes AND product=everest_gallery_lite AND version=1.0.8 AND target_software=wordpress
vendor=accesspressthemes AND product=everest_gplaces_business_reviews AND version=1.0.9 AND target_software=wordpress
vendor=accesspressthemes AND product=everest_review_lite AND version=1.0.7 AND target_software=wordpress
vendor=accesspressthemes AND product=everest_tab_lite AND version=2.0.3 AND target_software=wordpress
vendor=accesspressthemes AND product=everest_timeline_lite AND version=1.1.1 AND target_software=wordpress
vendor=accesspressthemes AND product=fashstore AND version=1.2.1 AND target_software=wordpress
vendor=accesspressthemes AND product=form_store_to_db AND version=1.0.9 AND target_software=wordpress
vendor=accesspressthemes AND product=fotography AND version=2.4.0 AND target_software=wordpress
vendor=accesspressthemes AND product=gaga_corp AND version=1.0.8 AND target_software=wordpress
vendor=accesspressthemes AND product=gaga_lite AND version=1.4.2 AND target_software=wordpress
vendor=accesspressthemes AND product=inline_call_to_action_builder_lite AND version=1.1.0 AND target_software=wordpress
vendor=accesspressthemes AND product=mcontact_button AND target_software=wordpress AND versionEndExcluding=2.0.7
vendor=accesspressthemes AND product=one-paze AND version=2.2.8 AND target_software=wordpress
vendor=accesspressthemes AND product=parallax_blog AND version=3.1.1574941215 AND target_software=wordpress
vendor=accesspressthemes AND product=parallaxsome AND version=1.3.6 AND target_software=wordpress
vendor=accesspressthemes AND product=pi_button AND version=3.3.3 AND target_software=wordpress
vendor=accesspressthemes AND product=product_slider_for_woocommerce_lite AND version=1.1.5 AND target_software=wordpress
vendor=accesspressthemes AND product=punte AND version=1.1.2 AND target_software=wordpress
vendor=accesspressthemes AND product=revolve AND version=1.3.1 AND target_software=wordpress
vendor=accesspressthemes AND product=ripple AND version=1.2.0 AND target_software=wordpress
vendor=accesspressthemes AND product=scrollme AND version=2.1.0 AND target_software=wordpress
vendor=accesspressthemes AND product=smart_logo_showcase_lite AND version=1.1.7 AND target_software=wordpress
vendor=accesspressthemes AND product=smart_scroll_posts AND version=2.0.8 AND target_software=wordpress
vendor=accesspressthemes AND product=smart_scroll_to_top_lite AND version=1.0.3 AND target_software=wordpress
vendor=accesspressthemes AND product=social_auto_poster AND version=2.1.3 AND target_software=wordpress
vendor=accesspressthemes AND product=social_review AND target_software=wordpress AND versionEndExcluding=1.0.9
vendor=accesspressthemes AND product=sportsmag AND version=1.2.1 AND target_software=wordpress
vendor=accesspressthemes AND product=storevilla AND version=1.4.1 AND target_software=wordpress
vendor=accesspressthemes AND product=swing_lite AND version=1.1.9 AND target_software=wordpress
vendor=accesspressthemes AND product=tauto_poster AND version=1.4.5 AND target_software=wordpress
vendor=accesspressthemes AND product=the_launcher AND version=1.3.2 AND target_software=wordpress
vendor=accesspressthemes AND product=the_monday AND version=1.4.1 AND target_software=wordpress
vendor=accesspressthemes AND product=total_gdpr_compliance_lite AND version=1.0.4 AND target_software=wordpress
vendor=accesspressthemes AND product=total_team_lite AND version=1.1.1 AND target_software=wordpress
vendor=accesspressthemes AND product=ultimate-form-builder-lite AND version=1.5.0 AND target_software=wordpress
vendor=accesspressthemes AND product=ultimate_author_box_lite AND version=1.1.2 AND target_software=wordpress
vendor=accesspressthemes AND product=uncode_lite AND version=1.3.1 AND target_software=wordpress
vendor=accesspressthemes AND product=unicon_lite AND version=1.2.6 AND target_software=wordpress
vendor=accesspressthemes AND product=vmag AND version=1.2.7 AND target_software=wordpress
vendor=accesspressthemes AND product=vmagazine_lite AND version=1.3.5 AND target_software=wordpress
vendor=accesspressthemes AND product=vmagazine_news AND version=1.0.5 AND target_software=wordpress
vendor=accesspressthemes AND product=wp_1_slider AND version=1.2.9 AND target_software=wordpress
vendor=accesspressthemes AND product=wp_blog_manager_lite AND version=1.1.0 AND target_software=wordpress
vendor=accesspressthemes AND product=wp_comment_designer_lite AND version=2.0.3 AND target_software=wordpress
vendor=accesspressthemes AND product=wp_cookie_user_info AND version=1.0.7 AND target_software=wordpress
vendor=accesspressthemes AND product=wp_floating_menu AND version=1.4.4 AND target_software=wordpress
vendor=accesspressthemes AND product=wp_media_manager_lite AND version=1.1.2 AND target_software=wordpress
vendor=accesspressthemes AND product=wp_menu_icons_lite AND target_software=wordpress AND versionEndExcluding=1.0.9
vendor=accesspressthemes AND product=wp_popup_banners AND version=1.2.3 AND target_software=wordpress
vendor=accesspressthemes AND product=wp_popup_lite AND version=1.0.8 AND target_software=wordpress
vendor=accesspressthemes AND product=wp_product_gallery_lite AND version=1.1.1 AND target_software=wordpress
vendor=accesspressthemes AND product=wp_tfeed AND version=1.6.7 AND target_software=wordpress
vendor=accesspressthemes AND product=zigcy_baby AND version=1.0.6 AND target_software=wordpress
vendor=accesspressthemes AND product=zigcy_cosmetics AND version=1.0.5 AND target_software=wordpress
vendor=accesspressthemes AND product=zigcy_lite AND version=2.0.9 AND target_software=wordpress
 

Reference

 


Keywords

NVD

 

CVE-2021-24867

 

CVE

 

Common vulnerabilities & exposures

 

CVSS

 

Common vulnerability scoring system

 

Security

 

Vulnerabilities

 

Exposures

 

We use cookies to ensure that we give you the best experience on our website. Read privacy policies for more information.