Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.4
CVE-2021-47910
- EPSS 0.24%
- Veröffentlicht 10.05.2026 13:16:27
- Zuletzt bearbeitet 12.05.2026 14:24:15
AccessPress Social Icons 1.8.2 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by entering JavaScript payloads into the 'icon title' field. Attackers can store XSS payloads like ima...
9.8
CVE-2021-24867
- EPSS 18.88%
- Veröffentlicht 21.02.2022 11:15:08
- Zuletzt bearbeitet 21.11.2024 05:53:55
Numerous Plugins and Themes from the AccessPress Themes (aka Access Keys) vendor are backdoored due to their website being compromised. Only plugins and themes downloaded via the vendor website are affected, and those hosted on wordpress.org are not....
8.8
CVE-2021-24143
- EPSS 1.26%
- Veröffentlicht 18.03.2021 15:15:15
- Zuletzt bearbeitet 21.11.2024 05:52:27
Unvalidated input in the AccessPress Social Icons plugin, versions before 1.8.1, did not sanitise its widget attribute, allowing accounts with post permission, such as author, to perform SQL injections.
1