5 matches found
CVE-2021-24867
Numerous Plugins and Themes from the AccessPress Themes aka Access Keys vendor are backdoored due to their website being compromised. Only plugins and themes downloaded via the vendor website are affected, and those hosted on wordpress.org are not. However, all of them were updated or removed to...
CVE-2021-24867 Backdoored Plugins & Themes from AccessPress Themes
Numerous Plugins and Themes from the AccessPress Themes aka Access Keys vendor are backdoored due to their website being compromised. Only plugins and themes downloaded via the vendor website are affected, and those hosted on wordpress.org are not. However, all of them were updated or removed to...
CVE-2021-24867
CVE-2021-24867 relates to backdoored AccessPress Themes plugins/themes distributed via the vendor site (not from wordpress.org). The vulnerability was exploited in the wild to deploy web shells and site defacements, observed by Talos IR as part of initial access through exploitation of a WordPres...
WordPress AccessPress Themes Webshell Upload (CVE-2021-24867)
An attacker might upload a webshell backdoor to WordPress AccessPress Themes. A successful exploitation might allow the attacker to run arbitrary code, or use the server as a bot for further attacks...
Hackers Planted Secret Backdoor in Dozens of WordPress Plugins and Themes
In yet another instance of software supply chain attack, dozens of WordPress themes and plugins hosted on a developer's website were backdoored with malicious code in the first half of September 2021 with the goal of infecting further sites. The backdoor gave the attackers full administrative...