CVE-2020-36875
BaseFortify
Publication date: 2026-01-09
Last updated on: 2026-01-09
Assigner: VulnCheck
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| accessally | accessally | up to 3.3.2 (exclusive) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-94 | The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2020-36875 is a critical security vulnerability in the AccessAlly WordPress plugin versions prior to 3.3.2. It exists in the Login Widget where the plugin improperly processes the 'login_error' parameter as PHP code. This flaw allows an unauthenticated attacker to supply and execute arbitrary PHP code remotely on the affected server within the context of the WordPress web server process, leading to remote code execution. [1, 2, 3]
How can this vulnerability impact me?
This vulnerability can have severe impacts as it allows unauthenticated remote attackers to execute arbitrary PHP code on the server hosting the vulnerable AccessAlly plugin. This can lead to full compromise of the web server, unauthorized access to sensitive data, modification or deletion of data, installation of malware, and potentially taking control of the entire WordPress site and underlying server. [2, 3]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by monitoring for suspicious HTTP requests to the WordPress login URL that include the 'login_error' parameter containing PHP code. A common detection method is to inspect web server logs for requests whose 'login_error' parameter carries unusual or URL-encoded PHP code. For example, using command-line tools like grep to search access logs: `grep 'login_error' /var/log/apache2/access.log` or `grep 'login_error' /var/log/nginx/access.log`. Additionally, tools like WPScan can be used to scan WordPress plugins for known vulnerabilities, including this one. [2, 3]
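As an added example (not from the BaseFortify page or the AccessAlly project), a small Python scanner that applies the log-inspection idea above to Apache/nginx combined-format lines: it extracts the 'login_error' query parameter, URL-decodes it and flags values that look like PHP source rather than a plain error message. The log lines are constructed samples, and the list of PHP markers is an assumption, not a signature the page provides.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote_plus

# Constructed sample lines in Apache/nginx "combined" log format (not real traffic).
SAMPLE_LOG = """\
203.0.113.5 - - [09/Jan/2026:10:00:01 +0000] "GET /wp-login.php?login_error=Invalid+credentials HTTP/1.1" 200 512 "-" "Mozilla/5.0"
203.0.113.9 - - [09/Jan/2026:10:00:07 +0000] "GET /wp-login.php?login_error=%3C%3Fphp+echo+1%3B+%3F%3E HTTP/1.1" 200 73 "-" "curl/8.0"
198.51.100.2 - - [09/Jan/2026:10:00:09 +0000] "GET /index.php HTTP/1.1" 200 2048 "-" "Mozilla/5.0"
"""

# Assumed markers that suggest the parameter value is PHP source rather than a message.
PHP_MARKERS = re.compile(
    r"<\?php|<\?=|\b(?:eval|system|exec|passthru|shell_exec|base64_decode)\s*\(", re.I
)

# Client IP, timestamp, method and request target from a combined-format line.
LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<target>\S+) [^"]*"')


def inspect_line(line):
    """Return a finding dict if the request carries login_error with PHP-like content, else None."""
    m = LOG_RE.match(line)
    if not m:
        return None
    query = urlsplit(m.group("target")).query
    values = parse_qs(query, keep_blank_values=True).get("login_error")
    if not values:
        return None
    for raw in values:
        # parse_qs already decoded once; a second decode catches values that were encoded twice.
        decoded = unquote_plus(raw)
        if PHP_MARKERS.search(decoded):
            return {"ip": m.group("ip"), "ts": m.group("ts"), "login_error": decoded}
    return None


def scan_log(text):
    """Scan a whole log body and return the list of findings (one dict per suspicious request)."""
    return [f for f in (inspect_line(l) for l in text.splitlines()) if f]


if __name__ == "__main__":
    for f in scan_log(SAMPLE_LOG):
        print(f"{f['ts']} {f['ip']} suspicious login_error: {f['login_error']!r}")
```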
What immediate steps should I take to mitigate this vulnerability?
The immediate step to mitigate this vulnerability is to update the AccessAlly WordPress plugin to version 3.3.2 or later, where the vulnerability has been fixed by removing the capability to execute PHP code via the 'login_error' parameter. If you rely on the PHP execution feature, consider replacing the plugin with an alternative designed for safely running PHP code. Additionally, restricting access to the login page and monitoring for suspicious activity can help reduce risk until the update is applied. [1, 2, 3]