CVE-2021-24867

Sažetak

Numerous Plugins and Themes from the AccessPress Themes (aka Access Keys) vendor are backdoored due to their website being compromised. Only plugins and themes downloaded via the vendor website are affected, and those hosted on wordpress.org are not. However, all of them were updated or removed to avoid any confusion

Reference

https://wpscan.com/vulnerability/9c76bada-fa32-4c2f-9855-d0efd1e63eff
https://jetpack.com/2022/01/18/backdoor-found-in-themes-and-plugins-from-accesspress-themes/

CVSS

Base:	7.5
Impact:	6.4
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:L/Au:N/C:P/I:P/A:P

Zadnje važnije ažuriranje

02-03-2022 - 18:03

Objavljeno

21-02-2022 - 11:15