Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
WordPress Plugin Everest GPlaces Business Reviews includes Backdoor Only if downloaded via the vendor website - CVE-2021-24867 - Vulnerability Database
WP Plugin Everest Google Places Reviews Lite

WordPress Plugin Everest GPlaces Business Reviews includes Backdoor Only if downloaded via the vendor website - CVE-2021-24867

Critical
Reference: CVE-2021-24867
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2021-24867
Title: WordPress Plugin Everest GPlaces Business Reviews includes Backdoor Only if downloaded via the vendor website
Overview:

WordPress Plugin Everest GPlaces Business Reviews only if downloaded via the vendor website contains suspicious code. Attackers can exploit this issue to perform a variety of actions. Successful attacks will compromise the affected application and possibly the webserver or computer. WordPress Plugin Everest GPlaces Business Reviews version 1.0.9 is vulnerable prior versions may also be affected.