20 Feb 2020
WordPress site owners who use business themes from ThemeGrill are advised to update the plugin that is installed alongside those themes, to patch a critical bug that can let attackers wipe their sites.
The vulnerability resides in ThemeGrill Demo Importer, a plugin that ships with themes sold by ThemeGrill, a web development company that markets business WordPress themes.
The plugin, which is installed on more than 200,000 sites, lets site owners import demo content into their ThemeGrill themes so they have examples and a starting point from which to build their own sites.
However, in a report published yesterday, WordPress security firm WebARX says that older versions of the ThemeGrill Demo Importer are exposed to remote attacks from unauthenticated attackers.
Attackers can send a specially crafted payload to vulnerable sites and trigger a function inside the plugin.
The vulnerable function resets the site's content to zero, effectively wiping the content of any WordPress site where a ThemeGrill theme is active and the vulnerable plugin is installed.
Moreover, if the site's database contains a user named "admin," the attacker is granted access to that user's account, with full administrator privileges over the site.
WebARX says the vulnerability affects all versions of the ThemeGrill Demo Importer plugin between version 1.3.4 and 1.6.1.
ThemeGrill, the plugin's developer, patched the bug and released version 1.6.2 over the weekend.
It is the second bug in a WordPress plugin revealed this year that can let attackers wipe site databases. The previous month, the team at Wordfence reported the same issue in the WP Database Reset plugin, installed on more than 80,000 sites.