Unrated severityNVD Advisory· Published Feb 21, 2022· Updated Aug 3, 2024

Backdoored Plugins & Themes from AccessPress Themes

CVE-2021-24867

Description

Numerous Plugins and Themes from the AccessPress Themes (aka Access Keys) vendor are backdoored due to their website being compromised. Only plugins and themes downloaded via the vendor website are affected, and those hosted on wordpress.org are not. However, all of them were updated or removed to avoid any confusion

Affected products

Accesspress Themes/Accesspress Rootv5
Range: 2.5
Accesspress Themes/Social Reviewv5
Range: 1.0.9
Accesspress Themes/Smart Scroll Posts For Wordpressv5
Range: 2.0.8
Accesspress Themes/Accesspress Staplev5
Range: 1.9.1
Accesspress Themes/Accesspress Ifeedsv5
Range: 4.0.3
Accesspress Themes/Accesspress Custom Post Typev5
Range: 1.0.8
Accesspress Themes/Scrollmev5
Range: 2.1.0
Accesspress Themes/Accesspress Basicv5
Range: 3.2.1
AccessPress Themes/Faster and Easier scroll to Top Plugin for WordPress – Smart Scroll to Top Litev5
Range: 1.0.3
AccessPress Themes/Pricing Table Builder – AP Pricing Tables Litev5
Range: 1.1.3
AccessPress Themes/Total Team Lite – Responsive Team Manager / Showcase Plugin for WordPressv5
Range: 1.1.1

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

jetpack.com/2022/01/18/backdoor-found-in-themes-and-plugins-from-accesspress-themes/mitrex_refsource_MISC
wpscan.com/vulnerability/9c76bada-fa32-4c2f-9855-d0efd1e63effmitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.004
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000