SpirityCVE

All plugins by Essentialplugin for WordPress are vulnerable to an injected backdoor in various versions. This is due to the plugin being sold to a malicious threat actor that embedded a backdoor in all of the plugin's they acquired. This makes it possible for the threat actor to maintain a persistent backdoor and inject spam into the affected sites.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable yes

Technical Impact total

Vendors	Products
Essentialplugin	Accordion And Accordion Slider
Wordpress	Wordpress

No data.

References

Link	Providers
https://anchor.host/someone-bought-30-wordpress-plugins-and-planted-a-backdoor-in-all-of-them/
https://www.wordfence.com/threat-intel/vulnerabilities/id/2597724a-9a39-4e46-b153-f42366f833ba?source=cve

History

Wed, 22 Apr 2026 00:00:00 +0000

Type	Values Removed	Values Added
Description	The Accordion and Accordion Slider plugin for WordPress is vulnerable to an injected backdoor in version 1.4.6. This is due to the plugin being sold to a malicious threat actor that embedded a backdoor in all of the plugin's they acquired. This makes it possible for the threat actor to maintain a persistent backdoor and inject spam into the affected sites.	All plugins by Essentialplugin for WordPress are vulnerable to an injected backdoor in various versions. This is due to the plugin being sold to a malicious threat actor that embedded a backdoor in all of the plugin's they acquired. This makes it possible for the threat actor to maintain a persistent backdoor and inject spam into the affected sites.
Title	Accordion and Accordion Slider 1.4.6 - Injected Backdoor	Essentialplugin Plugins (Various Versions) - Injected Backdoor

Fri, 17 Apr 2026 19:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Fri, 17 Apr 2026 09:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Essentialplugin Essentialplugin accordion And Accordion Slider Wordpress Wordpress wordpress
Vendors & Products		Essentialplugin Essentialplugin accordion And Accordion Slider Wordpress Wordpress wordpress

Fri, 17 Apr 2026 07:00:00 +0000

Type	Values Removed	Values Added
Description		The Accordion and Accordion Slider plugin for WordPress is vulnerable to an injected backdoor in version 1.4.6. This is due to the plugin being sold to a malicious threat actor that embedded a backdoor in all of the plugin's they acquired. This makes it possible for the threat actor to maintain a persistent backdoor and inject spam into the affected sites.
Title		Accordion and Accordion Slider 1.4.6 - Injected Backdoor
Weaknesses		CWE-506
References		https://anchor.host/someone-bought-30-wordpress-plugins-and-planted-a-backdoor-in-all-of-them/ https://www.wordfence.com/threat-intel/vulnerabilities/id/2597724a-9a39-4e46-b153-f42366f833ba?source=cve
Metrics		cvssV3_1 `{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}`

MITRE

Status: PUBLISHED

Assigner: Wordfence

Published: 2026-04-17T06:44:49.128Z

Updated: 2026-04-21T19:53:07.705Z

Reserved: 2026-04-16T18:22:16.366Z

Link: CVE-2026-6443

Vulnrichment

Updated: 2026-04-17T18:49:38.790Z

NVD

Status : Deferred

Published: 2026-04-17T07:16:03.160

Modified: 2026-04-22T20:22:50.570

Link: CVE-2026-6443

Redhat

No data.

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Exploitation none

Automatable yes

Technical Impact total

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object