Access Demo Importer
by WordPress
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-23975 | 0.00 | — | 0.00 | Apr 18, 2022 | Cross-Site Request Forgery (CSRF) in Access Demo Importer <= 1.0.7 on WordPress allows an attacker to activate any installed plugin. | |||
| CVE-2022-23976 | 0.00 | — | 0.00 | Apr 18, 2022 | Cross-Site Request Forgery (CSRF) in Access Demo Importer <= 1.0.7 on WordPress allows an attacker to reset all data (posts / pages / media). | |||
| CVE-2021-39317 | 0.00 | — | 0.02 | Oct 11, 2021 | A WordPress plugin and several WordPress themes developed by AccessPress Themes are vulnerable to malicious file uploads via the plugin_offline_installer AJAX action due to a missing capability check in the plugin_offline_installer_callback function found in the… |
- CVE-2022-23975Apr 18, 2022risk 0.00cvss —epss 0.00
Cross-Site Request Forgery (CSRF) in Access Demo Importer <= 1.0.7 on WordPress allows an attacker to activate any installed plugin.
- CVE-2022-23976Apr 18, 2022risk 0.00cvss —epss 0.00
Cross-Site Request Forgery (CSRF) in Access Demo Importer <= 1.0.7 on WordPress allows an attacker to reset all data (posts / pages / media).
- CVE-2021-39317Oct 11, 2021risk 0.00cvss —epss 0.02
A WordPress plugin and several WordPress themes developed by AccessPress Themes are vulnerable to malicious file uploads via the plugin_offline_installer AJAX action due to a missing capability check in the plugin_offline_installer_callback function found in the…