A WordPress plugin and several WordPress themes developed by AccessPress Themes are vulnerable to malicious file uploads via the plugin_offline_installer AJAX action due to a missing capability check in the plugin_offline_installer_callback function found in the /demo-functions.php file or /welcome.php file of the affected products. The complete list of affected products and their versions are below: WordPress Plugin: AccessPress Demo Importer <=1.0.6 WordPress Themes: accesspress-basic <= 3.2.1 accesspress-lite <= 2.92 accesspress-mag <= 2.6.5 accesspress-parallax <= 4.5 accesspress-root <= 2.5 accesspress-store <= 2.4.9 agency-lite <= 1.1.6 arrival <= 1.4.2 bingle <= 1.0.4 bloger <= 1.2.6 brovy <= 1.3 construction-lite <= 1.2.5 doko <= 1.0.27 edict-lite <= 1.1.4 eightlaw-lite <= 2.1.5 eightmedi-lite <= 2.1.8 eight-sec <= 1.1.4 eightstore-lite <= 1.2.5 enlighten <= 1.3.5 fotography <= 2.4.0 opstore <= 1.4.3 parallaxsome <= 1.3.6 punte <= 1.1.2 revolve <= 1.3.1 ripple <= 1.2.0 sakala <= 1.0.4 scrollme <= 2.1.0 storevilla <= 1.4.1 swing-lite <= 1.1.9 the100 <= 1.1.2 the-launcher <= 1.3.2 the-monday <= 1.4.1 ultra-seven <= 1.2.8 uncode-lite <= 1.3.3 vmag <= 1.2.7 vmagazine-lite <= 1.3.5 vmagazine-news <= 1.0.5 wpparallax <= 2.0.6 wp-store <= 1.1.9 zigcy-baby <= 1.0.6 zigcy-cosmetics <= 1.0.5 zigcy-lite <= 2.0.9
References
| Link | Resource |
|---|---|
| https://patchstack.com/articles/authenticated-vulnerability-in-unpatched-wordpress-themes/ | Third Party Advisory |
| https://plugins.trac.wordpress.org/changeset/2592642/access-demo-importer/trunk/inc/demo-functions.php | Patch Third Party Advisory |
| https://plugins.trac.wordpress.org/changeset/2602132/access-demo-importer/trunk/inc/demo-functions.php | Patch Third Party Advisory |
| https://www.wordfence.com/blog/2021/10/high-severity-vulnerability-patched-in-access-demo-importer-plugin/ | Exploit Third Party Advisory |
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2021-10-11 16:15
Updated : 2024-02-28 18:48
NVD link : CVE-2021-39317
Mitre link : CVE-2021-39317
CVE.ORG link : CVE-2021-39317
JSON object : View
Products Affected
accesspressthemes
- wpparallax
- zigcy-cosmetics
- vmag
- construction-lite
- accesspress-lite
- brovy
- storevilla
- ripple
- accesspress-store
- accesspress-root
- zigcy-baby
- eightstore-lite
- doko
- swing-lite
- eight-sec
- arrival
- parallaxsome
- bloger
- accesspress-mag
- opstore
- the100
- the-monday
- wp-store
- vmagazine-lite
- scrollme
- zigcy-lite
- accesspress-parallax
- sakala
- bingle
- revolve
- edict-lite
- the-launcher
- ultra-seven
- enlighten
- accesspress_basic
- eightmedi-lite
- punte
- fotography
- vmagazine-news
- eightlaw-lite
- agency-lite
- uncode-lite
- access_demo_importer