Numerous Plugins and Themes from the AccessPress Themes (aka Access Keys) vendor are backdoored due to their website being compromised. Only plugins and themes downloaded via the vendor website are affected, and those hosted on wordpress.org are not. However, all of them were updated or removed to avoid any confusion
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HAccesspressthemes Accessbuddy
APPAccesspressthemes1.0.0Accesspressthemes Accesspress Anonymous Post
APPAccesspressthemes2.8.0Accesspressthemes Accesspress Basic
APPAccesspressthemes3.2.1Accesspressthemes Accesspress Custom Css
APPAccesspressthemes2.0.1Accesspressthemes Accesspress Custom Post Type
APPAccesspressthemes1.0.8Accesspressthemes Accesspress Ifeeds
APPAccesspressthemes4.0.3Accesspressthemes Accesspress Lite
APPAccesspressthemes2.92Accesspressthemes Accesspress Mag
APPAccesspressthemes2.6.5Accesspressthemes Accesspress Parallax
APPAccesspressthemes4.5Accesspressthemes Accesspress Ray
APPAccesspressthemes1.19.5Accesspressthemes Accesspress Root
APPAccesspressthemes2.5Accesspressthemes Accesspress Social Counter
APPAccesspressthemes1.9.1Accesspressthemes Accesspress Social Icons
APPAccesspressthemes1.8.2Accesspressthemes Accesspress Social Login Lite
APPAccesspressthemes3.4.7Accesspressthemes Accesspress Social Share
APPAccesspressthemes4.5.5Accesspressthemes Accesspress Staple
APPAccesspressthemes1.9.1Accesspressthemes Accesspress Store
APPAccesspressthemes2.4.9Accesspressthemes Agency Lite
APPAccesspressthemes1.1.6Accesspressthemes Ap Companion
APPAccesspressthemes< 1.0.7Accesspressthemes Ap Contact Form
APPAccesspressthemes1.0.6Accesspressthemes Ap Custom Testimonial
APPAccesspressthemes1.4.6Accesspressthemes Apex Notification Bar Lite
APPAccesspressthemes2.0.4Accesspressthemes Aplite
APPAccesspressthemes1.0.6Accesspressthemes Ap Mega Menu
APPAccesspressthemes3.0.5Accesspressthemes Ap Pricing Tables Lite
APPAccesspressthemes1.1.2Accesspressthemes Badge Designer Lite For Woocommerce
APPAccesspressthemes1.1.0Accesspressthemes Bingle
APPAccesspressthemes1.0.4Accesspressthemes Bloger
APPAccesspressthemes1.2.6Accesspressthemes Comments Disable Accesspress
APPAccesspressthemes1.0.7Accesspressthemes Construction Lite
APPAccesspressthemes1.2.5
Related vulnerabilities
The ultimate-form-builder-lite plugin before 1.3.7 for WordPress has SQL Injection, with resultant PHP Object ...
The WP Popup Banners WordPress Plugin, version <= 1.2.5, is affected by an authenticated SQL injection vulnera...
The Testimonial WordPress Plugin WordPress plugin before 1.4.7 does not validate and escape the id parameter b...
The Cookie Notification Plugin for WordPress plugin before 1.0.9 does not sanitise or escape the id GET parame...
A WordPress plugin and several WordPress themes developed by AccessPress Themes are vulnerable to malicious fi...