Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2021-24867
HistoryFeb 21, 2022 - 11:15 a.m.

CVE-2021-24867

2022-02-2111:15:08
CWE-912
[email protected]
web.nvd.nist.gov
6
accesspress themes
backdoored
compromised website
wordpress.org
cve-2021-24867

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.004

Percentile

75.2%

JSON

Numerous Plugins and Themes from the AccessPress Themes (aka Access Keys) vendor are backdoored due to their website being compromised. Only plugins and themes downloaded via the vendor website are affected, and those hosted on wordpress.org are not. However, all of them were updated or removed to avoid any confusion

Affected configurations

Nvd
Node
accesspressthemesaccessbuddyMatch1.0.0wordpress
OR
accesspressthemesaccesspress_anonymous_postMatch2.8.0wordpress
OR
accesspressthemesaccesspress_basicMatch3.2.1wordpress
OR
accesspressthemesaccesspress_custom_cssMatch2.0.1wordpress
OR
accesspressthemesaccesspress_custom_post_typeMatch1.0.8wordpress
OR
accesspressthemesaccesspress_ifeedsMatch4.0.3wordpress
OR
accesspressthemesaccesspress_liteMatch2.92wordpress
OR
accesspressthemesaccesspress_magMatch2.6.5wordpress
OR
accesspressthemesaccesspress_parallaxMatch4.5wordpress
OR
accesspressthemesaccesspress_rayMatch1.19.5wordpress
OR
accesspressthemesaccesspress_rootMatch2.5wordpress
OR
accesspressthemesaccesspress_social_counterMatch1.9.1wordpress
OR
accesspressthemesaccesspress_social_iconsMatch1.8.2wordpress
OR
accesspressthemesaccesspress_social_login_liteMatch3.4.7wordpress
OR
accesspressthemesaccesspress_social_shareMatch4.5.5wordpress
OR
accesspressthemesaccesspress_stapleMatch1.9.1wordpress
OR
accesspressthemesaccesspress_storeMatch2.4.9wordpress
OR
accesspressthemesagency_liteMatch1.1.6wordpress
OR
accesspressthemesap_companionRange<1.0.7wordpress
OR
accesspressthemesap_contact_formMatch1.0.6wordpress
OR
accesspressthemesap_custom_testimonialMatch1.4.6wordpress
OR
accesspressthemesap_mega_menuMatch3.0.5wordpress
OR
accesspressthemesap_pricing_tables_liteMatch1.1.2wordpress
OR
accesspressthemesapex_notification_bar_liteMatch2.0.4wordpress
OR
accesspressthemesapliteMatch1.0.6wordpress
OR
accesspressthemesbadge_designer_lite_for_woocommerceMatch1.1.0wordpress
OR
accesspressthemesbingleMatch1.0.4wordpress
OR
accesspressthemesblogerMatch1.2.6wordpress
OR
accesspressthemescomments_disable_-_accesspressMatch1.0.7wordpress
OR
accesspressthemesconstruction_liteMatch1.2.5wordpress
OR
accesspressthemesdokoMatch1.0.27wordpress
OR
accesspressthemeseasy_side_tabMatch1.0.7wordpress
OR
accesspressthemesenlightenMatch1.3.5wordpress
OR
accesspressthemeseverest_admin_theme_liteMatch1.0.7wordpress
OR
accesspressthemeseverest_coming_soon_liteMatch1.1.0wordpress
OR
accesspressthemeseverest_comment_rating_liteMatch2.0.4wordpress
OR
accesspressthemeseverest_counter_liteMatch2.0.7wordpress
OR
accesspressthemeseverest_faq_manager_liteMatch1.0.8wordpress
OR
accesspressthemeseverest_gallery_liteMatch1.0.8wordpress
OR
accesspressthemeseverest_gplaces_business_reviewsMatch1.0.9wordpress
OR
accesspressthemeseverest_review_liteMatch1.0.7wordpress
OR
accesspressthemeseverest_tab_liteMatch2.0.3wordpress
OR
accesspressthemeseverest_timeline_liteMatch1.1.1wordpress
OR
accesspressthemesfashstoreMatch1.2.1wordpress
OR
accesspressthemesform_store_to_dbMatch1.0.9wordpress
OR
accesspressthemesfotographyMatch2.4.0wordpress
OR
accesspressthemesgaga_corpMatch1.0.8wordpress
OR
accesspressthemesgaga_liteMatch1.4.2wordpress
OR
accesspressthemesinline_call_to_action_builder_liteMatch1.1.0wordpress
OR
accesspressthemesmcontact_buttonRange<2.0.7wordpress
OR
accesspressthemesone-pazeMatch2.2.8wordpress
OR
accesspressthemesparallax_blogMatch3.1.1574941215wordpress
OR
accesspressthemesparallaxsomeMatch1.3.6wordpress
OR
accesspressthemespi_buttonMatch3.3.3wordpress
OR
accesspressthemesproduct_slider_for_woocommerce_liteMatch1.1.5wordpress
OR
accesspressthemespunteMatch1.1.2wordpress
OR
accesspressthemesrevolveMatch1.3.1wordpress
OR
accesspressthemesrippleMatch1.2.0wordpress
OR
accesspressthemesscrollmeMatch2.1.0wordpress
OR
accesspressthemessmart_logo_showcase_liteMatch1.1.7wordpress
OR
accesspressthemessmart_scroll_postsMatch2.0.8wordpress
OR
accesspressthemessmart_scroll_to_top_liteMatch1.0.3wordpress
OR
accesspressthemessocial_auto_posterMatch2.1.3wordpress
OR
accesspressthemessocial_reviewRange<1.0.9wordpress
OR
accesspressthemessportsmagMatch1.2.1wordpress
OR
accesspressthemesstorevillaMatch1.4.1wordpress
OR
accesspressthemesswing_liteMatch1.1.9wordpress
OR
accesspressthemestauto_posterMatch1.4.5wordpress
OR
accesspressthemesthe_launcherMatch1.3.2wordpress
OR
accesspressthemesthe_mondayMatch1.4.1wordpress
OR
accesspressthemestotal_gdpr_compliance_liteMatch1.0.4wordpress
OR
accesspressthemestotal_team_liteMatch1.1.1wordpress
OR
accesspressthemesultimate-form-builder-liteMatch1.5.0wordpress
OR
accesspressthemesultimate_author_box_liteMatch1.1.2wordpress
OR
accesspressthemesuncode_liteMatch1.3.1wordpress
OR
accesspressthemesunicon_liteMatch1.2.6wordpress
OR
accesspressthemesvmagMatch1.2.7wordpress
OR
accesspressthemesvmagazine_liteMatch1.3.5wordpress
OR
accesspressthemesvmagazine_newsMatch1.0.5wordpress
OR
accesspressthemeswp_1_sliderMatch1.2.9wordpress
OR
accesspressthemeswp_blog_manager_liteMatch1.1.0wordpress
OR
accesspressthemeswp_comment_designer_liteMatch2.0.3wordpress
OR
accesspressthemeswp_cookie_user_infoMatch1.0.7wordpress
OR
accesspressthemeswp_floating_menuMatch1.4.4wordpress
OR
accesspressthemeswp_media_manager_liteMatch1.1.2wordpress
OR
accesspressthemeswp_menu_icons_liteRange<1.0.9wordpress
OR
accesspressthemeswp_popup_bannersMatch1.2.3wordpress
OR
accesspressthemeswp_popup_liteMatch1.0.8wordpress
OR
accesspressthemeswp_product_gallery_liteMatch1.1.1wordpress
OR
accesspressthemeswp_tfeedMatch1.6.7wordpress
OR
accesspressthemeszigcy_babyMatch1.0.6wordpress
OR
accesspressthemeszigcy_cosmeticsMatch1.0.5wordpress
OR
accesspressthemeszigcy_liteMatch2.0.9wordpress
VendorProductVersionCPE
accesspressthemesaccessbuddy1.0.0cpe:2.3:a:accesspressthemes:accessbuddy:1.0.0:*:*:*:*:wordpress:*:*
accesspressthemesaccesspress_anonymous_post2.8.0cpe:2.3:a:accesspressthemes:accesspress_anonymous_post:2.8.0:*:*:*:*:wordpress:*:*
accesspressthemesaccesspress_basic3.2.1cpe:2.3:a:accesspressthemes:accesspress_basic:3.2.1:*:*:*:*:wordpress:*:*
accesspressthemesaccesspress_custom_css2.0.1cpe:2.3:a:accesspressthemes:accesspress_custom_css:2.0.1:*:*:*:*:wordpress:*:*
accesspressthemesaccesspress_custom_post_type1.0.8cpe:2.3:a:accesspressthemes:accesspress_custom_post_type:1.0.8:*:*:*:*:wordpress:*:*
accesspressthemesaccesspress_ifeeds4.0.3cpe:2.3:a:accesspressthemes:accesspress_ifeeds:4.0.3:*:*:*:*:wordpress:*:*
accesspressthemesaccesspress_lite2.92cpe:2.3:a:accesspressthemes:accesspress_lite:2.92:*:*:*:*:wordpress:*:*
accesspressthemesaccesspress_mag2.6.5cpe:2.3:a:accesspressthemes:accesspress_mag:2.6.5:*:*:*:*:wordpress:*:*
accesspressthemesaccesspress_parallax4.5cpe:2.3:a:accesspressthemes:accesspress_parallax:4.5:*:*:*:*:wordpress:*:*
accesspressthemesaccesspress_ray1.19.5cpe:2.3:a:accesspressthemes:accesspress_ray:1.19.5:*:*:*:*:wordpress:*:*
Rows per page:
1-10 of 931

Related

checkpoint_advisories 1
prion 1
cve 1
cnvd 1
cvelist 1
wpvulndb 1
talosblog 1
osv 1
thn 1
checkpoint_advisories
checkpoint_advisories
WordPress AccessPress Themes Webshell Upload (CVE-2021-24867)
2022-01-25 00:00:00
prion
prion
Design/Logic Flaw
2022-02-21 11:15:00
cve
cve
CVE-2021-24867
2022-02-21 11:15:08
cnvd
cnvd
WordPress plugin AccessPress Themes has an unspecified vulnerability
2022-02-23 00:00:00
cvelist
cvelist
CVE-2021-24867 Backdoored Plugins & Themes from AccessPress Themes
2022-02-21 10:45:39
wpvulndb
wpvulndb
Backdoored Plugins & Themes from AccessPress Themes
2021-10-13 00:00:00
talosblog
talosblog
Quarterly Report: Incident Response Trends in Q1 2023
2023-04-26 12:00:37
osv
osv
CVE-2021-24867
2022-02-21 11:15:08
thn
thn
Hackers Planted Secret Backdoor in Dozens of WordPress Plugins and Themes
2022-01-22 07:13:00

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS

0.004

Percentile

75.2%

JSON
Related for NVD:CVE-2021-24867
checkpoint_advisories1prion1cve1cnvd1cvelist1wpvulndb1talosblog1osv1thn1