Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
accesspressthemes vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2022-23975
Cross-Site Request Forgery (CSRF) in Access Demo Importer <= 1.0.7 on WordPress allows an malicious user to activate any installed plugin.
Accesspressthemes Access Demo Importer
516
VMScore
CVE-2022-23976
Cross-Site Request Forgery (CSRF) in Access Demo Importer <= 1.0.7 on WordPress allows an malicious user to reset all data (posts / pages / media).
Accesspressthemes Access Demo Importer
383
VMScore
CVE-2022-0628
The Mega Menu WordPress plugin prior to 3.0.8 does not sanitize and escape the _wpnonce parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting.
Accesspressthemes Ap Mega Menu
668
VMScore
CVE-2017-15919
The ultimate-form-builder-lite plugin prior to 1.3.7 for WordPress has SQL Injection, with resultant PHP Object Injection, via wp-admin/admin-ajax.php.
Accesspressthemes Ultimate-form-builder-lite
578
VMScore
CVE-2021-24858
The Cookie Notification Plugin for WordPress plugin prior to 1.0.9 does not sanitise or escape the id GET parameter before using it in a SQL statement, when retrieving the setting to edit in the admin dashboard, leading to an authenticated SQL Injection
Accesspressthemes Wp Cookie User Info
383
VMScore
CVE-2020-25378
Wordpress Plugin Store / AccessPress Themes WP Floating Menu V1.3.0 is affected by: Cross Site Scripting (XSS) via the id GET parameter.
Accesspressthemes Wp Floating Menu 1.3.0
383
VMScore
CVE-2021-25107
The Form Store to DB WordPress plugin prior to 1.1.1 does not sanitise and escape parameter keys before outputting it back in the created entry, allowing unauthenticated malicious user to perform Cross-Site Scripting attacks against admin
Accesspressthemes Form Store To Db
NA
CVE-2022-4946
The Frontend Post WordPress Plugin WordPress plugin up to and including 2.8.4 does not validate an attribute of one of its shortcode, which could allow users with a role as low as contributor to add a malicious shortcode to a page/post, which will redirect users to an arbitrary d...
Accesspressthemes Frontend Post Wordpress Plugin
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-52710
arbitrary
CVE-2024-5272
CVE-2024-2961
brute force
remote
CVE-2024-32944
CVE-2024-36241
CVE-2024-5274
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2