Filtered by vendor Accesspressthemes
Subscribe
Filtered by product Ultimate-form-builder-lite
Subscribe
Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-24867 | 1 Accesspressthemes | 93 Accessbuddy, Accesspress Anonymous Post, Accesspress Basic and 90 more | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
Numerous Plugins and Themes from the AccessPress Themes (aka Access Keys) vendor are backdoored due to their website being compromised. Only plugins and themes downloaded via the vendor website are affected, and those hosted on wordpress.org are not. However, all of them were updated or removed to avoid any confusion | |||||
CVE-2017-15919 | 1 Accesspressthemes | 1 Ultimate-form-builder-lite | 2024-02-04 | 7.5 HIGH | 9.8 CRITICAL |
The ultimate-form-builder-lite plugin before 1.3.7 for WordPress has SQL Injection, with resultant PHP Object Injection, via wp-admin/admin-ajax.php. |