High

DATE	CVE	VULNERABILITY TITLE	RISK
2023-11-22	CVE-2023-26532	Unspecified vulnerability in Accesspressthemes Social Auto Poster Cross-Site Request Forgery (CSRF) vulnerability in AccessPress Themes Social Auto Poster plugin <= 2.1.4 versions. network low complexity accesspressthemes	8.8
2023-11-13	CVE-2023-26518	Cross-Site Request Forgery (CSRF) vulnerability in Accesspressthemes WP Tfeed Cross-Site Request Forgery (CSRF) vulnerability in AccessPress Themes WP TFeed plugin <= 1.6.9 versions. network low complexity accesspressthemes CWE-352	8.8
2022-02-21	CVE-2021-24867	Hidden Functionality vulnerability in Accesspressthemes products Numerous Plugins and Themes from the AccessPress Themes (aka Access Keys) vendor are backdoored due to their website being compromised. network low complexity accesspressthemes CWE-912	7.5
2021-10-11	CVE-2021-39317	Unrestricted Upload of File with Dangerous Type vulnerability in Accesspressthemes products A WordPress plugin and several WordPress themes developed by AccessPress Themes are vulnerable to malicious file uploads via the plugin_offline_installer AJAX action due to a missing capability check in the plugin_offline_installer_callback function found in the /demo-functions.php file or /welcome.php file of the affected products. network low complexity accesspressthemes CWE-434	8.8
2017-12-19	CVE-2017-16949	Unrestricted Upload of File with Dangerous Type vulnerability in Accesspressthemes Anonymous Post PRO 3.1.9 An issue was discovered in the AccessKeys AccessPress Anonymous Post Pro plugin through 3.1.9 for WordPress. network low complexity accesspressthemes CWE-434	7.5
2017-10-26	CVE-2017-15919	SQL Injection vulnerability in Accesspressthemes Ultimate-Form-Builder-Lite The ultimate-form-builder-lite plugin before 1.3.7 for WordPress has SQL Injection, with resultant PHP Object Injection, via wp-admin/admin-ajax.php. network low complexity accesspressthemes CWE-89	7.5