Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

WP responsive FAQ with category plugin

Source -

CNA

CNA CVEs -

1

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

0
Related CVEsRelated VendorsRelated AssignersReports
1Vulnerabilities found
CVE-2026-6443
Assigner-Wordfence
ShareView Details
Assigner-Wordfence
CVSS Score-9.8||CRITICAL
EPSS-0.06% / 18.27%
||
7 Day CHG~0.00%
Published-17 Apr, 2026 | 06:44
Updated-22 Apr, 2026 | 20:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Essentialplugin Plugins (Various Versions) - Injected Backdoor

All plugins by Essentialplugin for WordPress are vulnerable to an injected backdoor in various versions. This is due to the plugin being sold to a malicious threat actor that embedded a backdoor in all of the plugin's they acquired. This makes it possible for the threat actor to maintain a persistent backdoor and inject spam into the affected sites.

Action-Not Available
Vendor-essentialplugin
Product-Blog Designer – Post and WidgetFeatured Post CreativeWP Featured Content and SliderTestimonial Grid and Testimonial Slider plus Carousel with Rotator WidgetWP Responsive Recent Post Slider/CarouselPost grid and filter ultimateWP Slick Slider and Image CarouselWP responsive FAQ with category pluginPortfolio and ProjectsWP Logo Showcase Responsive Slider and CarouselWP Blog and WidgetsTeam Slider and Team Grid Showcase plus Team CarouselCountdown Timer UltimateAccordion and Accordion SliderTrending/Popular Post Slider and WidgetAlbum and Image Gallery Plus LightboxMeta Slider and Carousel with LightboxPost Ticker UltimateVideo gallery and PlayerWP News and Scrolling WidgetsTimeline and History sliderPopup Maker and Popup Anything – Popup for opt-ins and Lead Generation Conversions
CWE ID-CWE-506
Embedded Malicious Code