MidnightBSD

Advisories for accesspressthemes

CVE-2017-15919 HIGH

The ultimate-form-builder-lite plugin before 1.3.7 for WordPress has SQL Injection, with resultant PHP Object Injection, via wp-admin/admin-ajax.php.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
accesspressthemes ultimate-form-builder-lite *
CVE-2017-16949 HIGH

An issue was discovered in the AccessKeys AccessPress Anonymous Post Pro plugin through 3.1.9 for WordPress. Improper input sanitization allows the attacker to override the settings for allowed file extensions and upload file size, related to inc/cores/file-uploader.php and file-uploader/file-uploader-class.php. This allows the attacker to upload anything they want to the server, as demonstrated by an action=ap_file_upload_action&allowedExtensions[]=php request to /wp-admin/admin-ajax.php that results in a .php file upload and resultant PHP code execution.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-434,

Products Affected

Vendor Product Version
accesspressthemes anonymous_post_pro *
CVE-2020-25378 MEDIUM

Wordpress Plugin Store / AccessPress Themes WP Floating Menu V1.3.0 is affected by: Cross Site Scripting (XSS) via the id GET parameter.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
accesspressthemes wp_floating_menu 1.3.0
CVE-2021-24143 MEDIUM

Unvalidated input in the AccessPress Social Icons plugin, versions before 1.8.1, did not sanitise its widget attribute, allowing accounts with post permission, such as author, to perform SQL injections.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-89,CWE-89,

Products Affected

Vendor Product Version
accesspressthemes accesspress_social_icons *
CVE-2021-24858 MEDIUM

The Cookie Notification Plugin for WordPress plugin before 1.0.9 does not sanitise or escape the id GET parameter before using it in a SQL statement, when retrieving the setting to edit in the admin dashboard, leading to an authenticated SQL Injection

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.2 HIGH CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 1.2 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-89,

Products Affected

Vendor Product Version
accesspressthemes wp_cookie_user_info *
CVE-2021-24867 HIGH

Numerous Plugins and Themes from the AccessPress Themes (aka Access Keys) vendor are backdoored due to their website being compromised. Only plugins and themes downloaded via the vendor website are affected, and those hosted on wordpress.org are not. However, all of them were updated or removed to avoid any confusion

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-912,

Products Affected

Vendor Product Version
accesspressthemes accesspress_custom_post_type 1.0.8
accesspressthemes gaga_lite 1.4.2
accesspressthemes swing_lite 1.1.9
accesspressthemes wp_popup_lite 1.0.8
accesspressthemes social_review *
accesspressthemes enlighten 1.3.5
accesspressthemes everest_counter_lite 2.0.7
accesspressthemes zigcy_lite 2.0.9
accesspressthemes everest_timeline_lite 1.1.1
accesspressthemes fashstore 1.2.1
accesspressthemes accesspress_social_icons 1.8.2
accesspressthemes parallax_blog 3.1.1574941215
accesspressthemes accesspress_social_login_lite 3.4.7
accesspressthemes wp_blog_manager_lite 1.1.0
accesspressthemes ripple 1.2.0
accesspressthemes accesspress_social_counter 1.9.1
accesspressthemes aplite 1.0.6
accesspressthemes accesspress_lite 2.92
accesspressthemes everest_tab_lite 2.0.3
accesspressthemes unicon_lite 1.2.6
accesspressthemes uncode_lite 1.3.1
accesspressthemes accesspress_store 2.4.9
accesspressthemes ap_mega_menu 3.0.5
accesspressthemes doko 1.0.27
accesspressthemes everest_review_lite 1.0.7
accesspressthemes accesspress_ray 1.19.5
accesspressthemes accesspress_root 2.5
accesspressthemes revolve 1.3.1
accesspressthemes accesspress_basic 3.2.1
accesspressthemes parallaxsome 1.3.6
accesspressthemes wp_tfeed 1.6.7
accesspressthemes tauto_poster 1.4.5
accesspressthemes apex_notification_bar_lite 2.0.4
accesspressthemes ap_pricing_tables_lite 1.1.2
accesspressthemes accesspress_ifeeds 4.0.3
accesspressthemes punte 1.1.2
accesspressthemes vmagazine_news 1.0.5
accesspressthemes bingle 1.0.4
accesspressthemes storevilla 1.4.1
accesspressthemes total_team_lite 1.1.1
accesspressthemes everest_faq_manager_lite 1.0.8
accesspressthemes social_auto_poster 2.1.3
accesspressthemes smart_scroll_to_top_lite 1.0.3
accesspressthemes everest_gplaces_business_reviews 1.0.9
accesspressthemes wp_popup_banners 1.2.3
accesspressthemes accesspress_staple 1.9.1
accesspressthemes fotography 2.4.0
accesspressthemes one-paze 2.2.8
accesspressthemes smart_logo_showcase_lite 1.1.7
accesspressthemes zigcy_cosmetics 1.0.5
accesspressthemes accessbuddy 1.0.0
accesspressthemes accesspress_mag 2.6.5
accesspressthemes comments_disable_-_accesspress 1.0.7
accesspressthemes form_store_to_db 1.0.9
accesspressthemes wp_menu_icons_lite *
accesspressthemes ap_companion *
accesspressthemes wp_product_gallery_lite 1.1.1
accesspressthemes agency_lite 1.1.6
accesspressthemes wp_1_slider 1.2.9
accesspressthemes mcontact_button *
accesspressthemes wp_cookie_user_info 1.0.7
accesspressthemes wp_floating_menu 1.4.4
accesspressthemes construction_lite 1.2.5
accesspressthemes ultimate-form-builder-lite 1.5.0
accesspressthemes wp_media_manager_lite 1.1.2
accesspressthemes sportsmag 1.2.1
accesspressthemes zigcy_baby 1.0.6
accesspressthemes accesspress_anonymous_post 2.8.0
accesspressthemes everest_coming_soon_lite 1.1.0
accesspressthemes accesspress_custom_css 2.0.1
accesspressthemes everest_admin_theme_lite 1.0.7
accesspressthemes pi_button 3.3.3
accesspressthemes ultimate_author_box_lite 1.1.2
accesspressthemes vmagazine_lite 1.3.5
accesspressthemes the_launcher 1.3.2
accesspressthemes wp_comment_designer_lite 2.0.3
accesspressthemes ap_custom_testimonial 1.4.6
accesspressthemes everest_comment_rating_lite 2.0.4
accesspressthemes accesspress_social_share 4.5.5
accesspressthemes the_monday 1.4.1
accesspressthemes scrollme 2.1.0
accesspressthemes smart_scroll_posts 2.0.8
accesspressthemes everest_gallery_lite 1.0.8
accesspressthemes vmag 1.2.7
accesspressthemes product_slider_for_woocommerce_lite 1.1.5
accesspressthemes ap_contact_form 1.0.6
accesspressthemes gaga_corp 1.0.8
accesspressthemes accesspress_parallax 4.5
accesspressthemes badge_designer_lite_for_woocommerce 1.1.0
accesspressthemes easy_side_tab 1.0.7
accesspressthemes inline_call_to_action_builder_lite 1.1.0
accesspressthemes total_gdpr_compliance_lite 1.0.4
accesspressthemes bloger 1.2.6
CVE-2021-25107 MEDIUM

The Form Store to DB WordPress plugin before 1.1.1 does not sanitise and escape parameter keys before outputting it back in the created entry, allowing unauthenticated attacker to perform Cross-Site Scripting attacks against admin

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
accesspressthemes form_store_to_db *
CVE-2021-39317 MEDIUM

A WordPress plugin and several WordPress themes developed by AccessPress Themes are vulnerable to malicious file uploads via the plugin_offline_installer AJAX action due to a missing capability check in the plugin_offline_installer_callback function found in the /demo-functions.php file or /welcome.php file of the affected products. The complete list of affected products and their versions are below: WordPress Plugin: AccessPress Demo Importer <=1.0.6 WordPress Themes: accesspress-basic <= 3.2.1 accesspress-lite <= 2.92 accesspress-mag <= 2.6.5 accesspress-parallax <= 4.5 accesspress-root <= 2.5 accesspress-store <= 2.4.9 agency-lite <= 1.1.6 arrival <= 1.4.2 bingle <= 1.0.4 bloger <= 1.2.6 brovy <= 1.3 construction-lite <= 1.2.5 doko <= 1.0.27 edict-lite <= 1.1.4 eightlaw-lite <= 2.1.5 eightmedi-lite <= 2.1.8 eight-sec <= 1.1.4 eightstore-lite <= 1.2.5 enlighten <= 1.3.5 fotography <= 2.4.0 opstore <= 1.4.3 parallaxsome <= 1.3.6 punte <= 1.1.2 revolve <= 1.3.1 ripple <= 1.2.0 sakala <= 1.0.4 scrollme <= 2.1.0 storevilla <= 1.4.1 swing-lite <= 1.1.9 the100 <= 1.1.2 the-launcher <= 1.3.2 the-monday <= 1.4.1 ultra-seven <= 1.2.8 uncode-lite <= 1.3.3 vmag <= 1.2.7 vmagazine-lite <= 1.3.5 vmagazine-news <= 1.0.5 wpparallax <= 2.0.6 wp-store <= 1.1.9 zigcy-baby <= 1.0.6 zigcy-cosmetics <= 1.0.5 zigcy-lite <= 2.0.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-285,CWE-434,CWE-434,

Products Affected

Vendor Product Version
accesspressthemes edict-lite *
accesspressthemes access_demo_importer *
accesspressthemes zigcy-cosmetics *
accesspressthemes accesspress-parallax *
accesspressthemes enlighten *
accesspressthemes accesspress_basic *
accesspressthemes brovy *
accesspressthemes accesspress-root *
accesspressthemes ripple *
accesspressthemes swing-lite *
accesspressthemes the-monday *
accesspressthemes punte *
accesspressthemes wp-store *
accesspressthemes agency-lite *
accesspressthemes storevilla *
accesspressthemes vmagazine-news *
accesspressthemes accesspress-mag *
accesspressthemes revolve *
accesspressthemes sakala *
accesspressthemes wpparallax *
accesspressthemes eightlaw-lite *
accesspressthemes construction-lite *
accesspressthemes vmagazine-lite *
accesspressthemes bingle *
accesspressthemes zigcy-baby *
accesspressthemes accesspress-lite *
accesspressthemes scrollme *
accesspressthemes arrival *
accesspressthemes ultra-seven *
accesspressthemes eightstore-lite *
accesspressthemes uncode-lite *
accesspressthemes eight-sec *
accesspressthemes eightmedi-lite *
accesspressthemes accesspress-store *
accesspressthemes doko *
accesspressthemes zigcy-lite *
accesspressthemes fotography *
accesspressthemes parallaxsome *
accesspressthemes bloger *
accesspressthemes opstore *
accesspressthemes the100 *
accesspressthemes vmag *
accesspressthemes the-launcher *
CVE-2022-0628 MEDIUM

The Mega Menu WordPress plugin before 3.0.8 does not sanitize and escape the _wpnonce parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
accesspressthemes ap_mega_menu *
CVE-2022-23911 MEDIUM

The Testimonial WordPress Plugin WordPress plugin before 1.4.7 does not validate and escape the id parameter before using it in a SQL statement when retrieving a testimonial to edit, leading to a SQL Injection

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.2 HIGH CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 1.2 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-89,

Products Affected

Vendor Product Version
accesspressthemes ap_custom_testimonial *
CVE-2022-23912 MEDIUM

The Testimonial WordPress Plugin WordPress plugin before 1.4.7 does not sanitise and escape the id parameter before outputting it back in an attribute, leading to a Reflected cross-Site Scripting

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.1 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N 2.8 2.7

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
accesspressthemes ap_custom_testimonial *
CVE-2022-23975 MEDIUM

Cross-Site Request Forgery (CSRF) in Access Demo Importer <= 1.0.7 on WordPress allows an attacker to activate any installed plugin.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N 2.8 3.6
audit@patchstack.com 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
accesspressthemes access_demo_importer *
CVE-2022-23976 MEDIUM

Cross-Site Request Forgery (CSRF) in Access Demo Importer <= 1.0.7 on WordPress allows an attacker to reset all data (posts / pages / media).

CVSS 3.x

Source Score Severity Vector Exploitability Impact
audit@patchstack.com 8.1 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H 2.8 5.2
nvd@nist.gov 8.1 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H 2.8 5.2

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
accesspressthemes access_demo_importer *
CVE-2022-4946

The Frontend Post WordPress Plugin WordPress plugin through 2.8.4 does not validate an attribute of one of its shortcode, which could allow users with a role as low as contributor to add a malicious shortcode to a page/post, which will redirect users to an arbitrary domain.

Products Affected

Vendor Product Version
accesspressthemes frontend_post_wordpress_plugin *
CVE-2023-0175

The Responsive Clients Logo Gallery Plugin for WordPress plugin through 1.1.9 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.4 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N 2.3 2.7

Products Affected

Vendor Product Version
accesspressthemes smart_logo_showcase_lite 1.1.4
accesspressthemes smart_logo_showcase_lite 1.1.5
accesspressthemes smart_logo_showcase_lite 1.0.8
accesspressthemes smart_logo_showcase_lite 1.0.3
accesspressthemes smart_logo_showcase_lite 1.1.7
accesspressthemes smart_logo_showcase_lite 1.0.0
accesspressthemes smart_logo_showcase_lite 1.1.9
accesspressthemes smart_logo_showcase_lite 1.0.2
accesspressthemes smart_logo_showcase_lite 1.0.4
accesspressthemes smart_logo_showcase_lite 1.1.1
accesspressthemes smart_logo_showcase_lite 1.1.6
accesspressthemes smart_logo_showcase_lite 1.0.1
accesspressthemes smart_logo_showcase_lite 1.1.3
accesspressthemes smart_logo_showcase_lite 1.1.2
accesspressthemes smart_logo_showcase_lite 1.0.6
accesspressthemes smart_logo_showcase_lite 1.1.8
accesspressthemes smart_logo_showcase_lite 1.0.9
accesspressthemes smart_logo_showcase_lite 1.1.0
accesspressthemes smart_logo_showcase_lite 1.0.5
accesspressthemes smart_logo_showcase_lite 1.0.7
CVE-2023-26518

Cross-Site Request Forgery (CSRF) vulnerability in AccessPress Themes WP TFeed plugin <= 1.6.9 versions.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
audit@patchstack.com 5.4 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L 2.8 2.5
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
accesspressthemes wp_tfeed *
CVE-2023-26532

Cross-Site Request Forgery (CSRF) vulnerability in AccessPress Themes Social Auto Poster plugin <= 2.1.4 versions.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H 2.8 5.9
audit@patchstack.com 5.4 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L 2.8 2.5

Products Affected

Vendor Product Version
accesspressthemes social_auto_poster *
CVE-2023-28661

The WP Popup Banners WordPress Plugin, version <= 1.2.5, is affected by an authenticated SQL injection vulnerability in the 'value' parameter in the get_popup_data action.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
accesspressthemes wp_popup_banners 1.0.5
accesspressthemes wp_popup_banners 1.0.9
accesspressthemes wp_popup_banners 1.2.3
accesspressthemes wp_popup_banners 1.0.7
accesspressthemes wp_popup_banners 1.2.2
accesspressthemes wp_popup_banners 1.1.0
accesspressthemes wp_popup_banners 1.1.3
accesspressthemes wp_popup_banners 1.0.1
accesspressthemes wp_popup_banners 1.2.5
accesspressthemes wp_popup_banners 1.0.4
accesspressthemes wp_popup_banners 1.2.1
accesspressthemes wp_popup_banners 1.0.3
accesspressthemes wp_popup_banners 1.1.1
accesspressthemes wp_popup_banners 1.0.8
accesspressthemes wp_popup_banners 1.1.6
accesspressthemes wp_popup_banners 1.2.0
accesspressthemes wp_popup_banners 1.0.6
accesspressthemes wp_popup_banners 1.1.7
accesspressthemes wp_popup_banners 1.0.2
accesspressthemes wp_popup_banners 1.1.9
accesspressthemes wp_popup_banners 1.1.8
accesspressthemes wp_popup_banners 1.1.4
accesspressthemes wp_popup_banners 1.1.5
accesspressthemes wp_popup_banners 1.1.2
accesspressthemes wp_popup_banners 1.2.4