Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2021-24867— Backdoored Plugins & Themes from AccessPress Themes

EPSS 4.75% · P90
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2021-24867

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
Backdoored Plugins & Themes from AccessPress Themes
Source: NVD (National Vulnerability Database)
Vulnerability Description
Numerous Plugins and Themes from the AccessPress Themes (aka Access Keys) vendor are backdoored due to their website being compromised. Only plugins and themes downloaded via the vendor website are affected, and those hosted on wordpress.org are not. However, all of them were updated or removed to avoid any confusion
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
隐藏功能
Source: NVD (National Vulnerability Database)
Vulnerability Title
WordPress plugin AccessPress 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
WordPress是Wordpress基金会的一套使用PHP语言开发的博客平台。该平台支持在PHP和MySQL的服务器上架设个人博客网站。WordPress plugin是WordPress开源的一个应用插件。 WordPress plugin AccessPress 插件和主题存在安全漏洞,该漏洞源于插件和主题的供应商网站存在后门。通过供应商网站下载的插件和主题会受到影响。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
AccessPress ThemesFrontend Post WordPress Plugin – AccessPress Anonymous Post 2.8.0 ~ 2.8.0* -
AccessPress ThemesAccessPress Custom CSS 2.0.1 ~ 2.0.1* -
AccessPress ThemesAccessPress Custom Post Type 1.0.8 ~ 1.0.8* -
AccessPress ThemesSocial Auto Poster 2.1.3 ~ 2.1.3* -
AccessPress ThemesAccessPress iFeeds 4.0.3 ~ 4.0.3* -
AccessPress ThemesPI Button 3.3.3 ~ 3.3.3* -
AccessPress ThemesAccessPress Social Counter 1.9.1 ~ 1.9.1* -
AccessPress ThemesAccessPress Social Icons 1.8.2 ~ 1.8.2* -
AccessPress ThemesAccessPress Social Login Lite – Social Login WordPress Plugin 3.4.7 ~ 3.4.7* -
AccessPress ThemesAccessPress Social Share 4.5.5 ~ 4.5.5* -
AccessPress ThemesTAuto Poster 1.4.5 ~ 1.4.5* -
AccessPress ThemesWP TFeed 1.6.7 ~ 1.6.7* -
AccessPress ThemesEffectively Add & Customize Free Icons For WordPress Menus – WP Menu Icons Lite 1.0.9 ~ 1.0.9 -
AccessPress ThemesAP Companion 1.0.7 ~ 1.0.7 -
AccessPress ThemesEasiest Contact Form for WordPress – AP Contact Form 1.0.6 ~ 1.0.6* -
AccessPress ThemesTestimonial WordPress Plugin – AP Custom Testimonial 1.4.6 ~ 1.4.6* -
AccessPress ThemesMega Menu Plugin for WordPress – AP Mega Menu 3.0.5 ~ 3.0.5* -
AccessPress ThemesPricing Table Builder – AP Pricing Tables Lite 1.1.3 ~ 1.1.3* -
AccessPress ThemesResponsive Notification Bar Plugin for WordPress – Apex Notification Bar Lite 2.0.4 ~ 2.0.4* -
AccessPress ThemesForm Store to DB 1.0.9 ~ 1.0.9* -
AccessPress ThemesComments Disable – AccessPress 1.0.7 ~ 1.0.7* -
AccessPress ThemesCTA plugin for WordPress – Easy Side Tab 1.0.7 ~ 1.0.7* -
AccessPress ThemesWordPress Backend Customizer – Everest Admin Theme Lite 1.0.7 ~ 1.0.7* -
AccessPress ThemesUltimate Coming Soon, Maintenance Mode Plugin for WordPress – Everest Coming Soon Lite 1.1.0 ~ 1.1.0* -
AccessPress ThemesFree WordPress Plugin To Display Like/Dislike Comment Rating – Everest Comment Rating Lite 2.0.4 ~ 2.0.4* -
AccessPress ThemesBeautiful Stat Counter Plugin for WordPress – Everest Counter Lite 2.0.7 ~ 2.0.7* -
AccessPress ThemesBeautiful FAQ Plugin for WordPress – Everest FAQ Manager Lite 1.0.8 ~ 1.0.8* -
AccessPress ThemesResponsive Media Gallery Plugin for WordPress – Everest Gallery Lite 1.0.8 ~ 1.0.8* -
AccessPress ThemesEverest GPlaces Business Reviews 1.0.9 ~ 1.0.9* -
AccessPress ThemesEverest Review Lite – User/Admin review plugin for WordPress 1.0.7 -
AccessPress ThemesFree Responsive Tab Plugin For WordPress – Everest Tab Lite 2.0.3 ~ 2.0.3* -
AccessPress ThemesResponsive WordPress Timeline Plugin – Everest Timeline Lite 1.1.1 ~ 1.1.1* -
AccessPress ThemesInline Call To Action Builder Lite – Free Call To Action Layer Plugin for WordPress 1.1.0 ~ 1.1.0* -
AccessPress ThemesProduct Slider For WooCommerce Lite 1.1.5 ~ 1.1.5* -
AccessPress ThemesResponsive Clients Logo Gallery Plugin for WordPress – Smart Logo Showcase Lite 1.1.7 ~ 1.1.7* -
AccessPress ThemesSmart Scroll Posts for WordPress 2.0.8 ~ 2.0.8* -
AccessPress ThemesFaster and Easier scroll to Top Plugin for WordPress – Smart Scroll to Top Lite 1.0.3 ~ 1.0.3* -
AccessPress ThemesTotal GDPR Compliance Lite – WordPress Plugin for GDPR Compatibility 1.0.4 -
AccessPress ThemesTotal Team Lite – Responsive Team Manager / Showcase Plugin for WordPress 1.1.1 ~ 1.1.1* -
AccessPress ThemesFree Responsive Post/Article Author Section Plugin for WordPress – Ultimate Author Box Lite 1.1.2 ~ 1.1.2* -
AccessPress ThemesContact Form for WordPress – Ultimate Form Builder Lite 1.5.0 ~ 1.5.0* -
AccessPress ThemesBadge Designer Lite For WooCommerce 1.1.0 ~ 1.1.0* -
AccessPress ThemesWordPress Slider Plugin – WP 1 Slider 1.2.9 ~ 1.2.9* -
AccessPress ThemesPlugin to Manage / Design WordPress Blog – WP Blog Manager Lite 1.1.1 ~ 1.1.1* -
AccessPress ThemesSmartest Way To Design & Customize WordPress Comments & Comment Form – WP Comment Designer Lite 2.0.3 ~ 2.0.3* -
AccessPress ThemesCookie Notification Plugin for WordPress – WP Cookie User Info 1.0.7 ~ 1.0.7* -
AccessPress ThemesSocial Review 1.0.9 ~ 1.0.9 -
AccessPress ThemesMContact Button 2.0.7 ~ 2.0.7 -
AccessPress ThemesWP Floating Menu – One page navigator, sticky menu for WordPress 1.4.4 ~ 1.4.4* -
AccessPress ThemesThe Easiest WordPress Media Manager Plugin – WP Media Manager Lite 1.1.2 ~ 1.1.2* -
AccessPress ThemesWP Popup Banners 1.2.3 ~ 1.2.3* -
AccessPress ThemesWP Popup Lite – Responsive popup plugin for WordPress 1.0.8 -
AccessPress ThemesResponsive Products Showcase Listing for WordPress – WP Product Gallery Lite 1.1.1 -
AccessPress Themesaccessbuddy 1.0.0 -
AccessPress ThemesAccesspress Basic 3.2.1 -
AccessPress ThemesAccesspress Lite 2.92 -
AccessPress ThemesAccesspress Mag 2.6.5 -
AccessPress ThemesAccessPress Parallax 4.5 -
AccessPress Themesaccesspress-ray 1.19.5 -
AccessPress ThemesAccessPress Root 2.5 -
AccessPress ThemesAccessPress Staple 1.9.1 -
AccessPress ThemesAccessPress Store 2.4.9 -
AccessPress ThemesAgency Lite 1.1.6 -
AccessPress ThemesAplite 1.0.6 -
AccessPress ThemesBingle 1.0.4 -
AccessPress ThemesBloger 1.2.6 -
AccessPress ThemesConstruction Lite 1.2.5 -
AccessPress ThemesDoko 1.0.27 -
AccessPress ThemesEnlighten 1.3.5 -
AccessPress ThemesFashStore 1.2.1 -
AccessPress ThemesFotoGraphy 2.4.0 -
AccessPress ThemesGaga Corp 1.0.8 -
AccessPress ThemesGaga Lite 1.4.2 1.0.8 -
AccessPress ThemesOne Paze 2.2.8 -
AccessPress Themesparallax-blog 3.1.1574941215 -
AccessPress ThemesParallaxSome 1.3.6 -
AccessPress ThemesPunte 1.1.2 -
AccessPress ThemesRevolve 1.3.1 -
AccessPress ThemesRipple 1.2.0 -
AccessPress ThemesScrollMe 2.1.0 -
AccessPress ThemesSportsMag 1.2.1 -
AccessPress ThemesStoreVilla 1.4.1 -
AccessPress ThemesSwing Lite 1.1.9 -
AccessPress ThemesThe Launcher 1.3.2 -
AccessPress ThemesThe Monday 1.4.1 -
AccessPress ThemesUncode Lite 1.3.1 -
AccessPress ThemesUnicon Lite 1.2.6 -
AccessPress ThemesVMag 1.2.7 -
AccessPress ThemesVMagazine Lite 1.3.5 -
AccessPress ThemesVmagazine News 1.0.5 -
AccessPress ThemesZigcy Baby 1.0.6 -
AccessPress ThemesZigcy Cosmetics 1.0.5 -
AccessPress ThemesZigcy Lite 2.0.9 -

II. Public POCs for CVE-2021-24867

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2021-24867

登录查看更多情报信息。

IV. Related Vulnerabilities

Same vendor: AccessPress Themes
Same weakness: CWE-912

V. Comments for CVE-2021-24867

No comments yet

Leave a comment