Log out
Get PRO

Latest

Input validation vulnerability in 43 AccessPress Themes and Plugin

  • Severity: high-risk
  • Status: Open
  • Publication: January 11, 2022

WordPress, a popular website platform, has a vulnerability which could be exploited by unauthenticated attackers. Plugins and themes developed by AccessPress Themes have functions that allow attackers to deactivate and activate plugins without the appropriate security checks or nonce validation. This means that if an attacker was able to trick a site administrator into clicking a link, they could deactivate security plugins and exploit other potential vulnerabilities.

Detected in:

Accesspress Basic fixed vulnerable versions: >= * <= 3.2.1
AccessPress Lite fixed vulnerable versions: >= * <= 2.92
AccessPress Mag fixed vulnerable versions: >= * <= 2.6.5
AccessPress Parallax fixed vulnerable versions: >= * <= 4.5
AccessPress Root fixed vulnerable versions: >= * <= 2.5
AccessPress Store fixed vulnerable versions: >= * <= 2.4.9
Bingle fixed vulnerable versions: >= * <= 1.0.4
Bloger fixed vulnerable versions: >= * <= 1.2.6
Construction Lite fixed vulnerable versions: >= * <= 1.2.5
Digital Agency Lite fixed vulnerable versions: >= * <= 1.1.6
Doko fixed vulnerable versions: >= * <= 1.0.27
EightLaw Lite fixed vulnerable versions: >= * <= 2.1.5
Eightmedi Lite fixed vulnerable versions: >= * <= 2.1.8
EightStore Lite fixed vulnerable versions: >= * <= 1.2.5
Enlighten fixed vulnerable versions: >= * <= 1.3.5
FotoGraphy fixed vulnerable versions: >= * <= 2.4.0
ParallaxSome fixed vulnerable versions: >= * <= 1.3.6
Punte fixed vulnerable versions: >= * <= 1.1.2
Sakala fixed vulnerable versions: >= * <= 1.0.4
StoreVilla fixed vulnerable versions: >= * <= 1.4.1
Swing Lite fixed vulnerable versions: >= * <= 1.1.9
The Launcher fixed vulnerable versions: >= * <= 1.3.2
VMag fixed vulnerable versions: >= * <= 1.2.7
VMagazine Lite fixed vulnerable versions: >= * <= 1.3.5
Vmagazine News fixed vulnerable versions: >= * <= 1.0.5
WP Store fixed vulnerable versions: >= * <= 1.1.9
Zigcy Baby fixed vulnerable versions: >= * <= 1.0.6
Zigcy Cosmetics fixed vulnerable versions: >= * <= 1.0.5
Zigcy Lite fixed vulnerable versions: >= * <= 2.0.9
Access Demo Importer open vulnerable versions: >= * <= 1.0.6
AccessPress Staple open vulnerable versions: >= * <= 1.9.1
Arrival open vulnerable versions: >= * <= 1.4.2
Brovy open vulnerable versions: >= * <= 1.3
Edict Lite open vulnerable versions: >= * <= 1.1.4
Eight Sec open vulnerable versions: >= * <= 1.1.4
Opstore open vulnerable versions: >= * <= 1.4.3
Revolve open vulnerable versions: >= * <= 1.3.1
Ripple open vulnerable versions: >= * <= 1.2.1
ScrollMe open vulnerable versions: >= * <= 2.1.0
The Monday open vulnerable versions: >= * <= 1.4.1
The100 open vulnerable versions: >= * <= 1.1.2
Ultra Seven open vulnerable versions: >= * <= 1.2.8
Uncode Lite open vulnerable versions: >= * <= 1.3.3
WPparallax open vulnerable versions: >= * <= 2.0.6

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.