Vulnerabilities > CVE-2021-24867 - Hidden Functionality vulnerability in Accesspressthemes products

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
accesspressthemes
CWE-912

Summary

Numerous Plugins and Themes from the AccessPress Themes (aka Access Keys) vendor are backdoored due to their website being compromised. Only plugins and themes downloaded via the vendor website are affected, and those hosted on wordpress.org are not. However, all of them were updated or removed to avoid any confusion

Vulnerable Configurations

Part Description Count
Application
Accesspressthemes
93

Common Weakness Enumeration (CWE)