Security researchers at WebARX have found a critical bug in a popular WordPress plugin that would allow unauthenticated users to gain administrative privileges and reset a site's entire database to its default state if left unpatched.
The vulnerability was discovered in the ThemeGrill Demo Importer plugin that ships with WordPress themes sold by the web development company ThemeGrill.
The plugin is installed on over 200,000 sites and it allows site owners to import demo content into their ThemeGrill themes to provide them with examples which they can use to build their own sites.
According to a new report from WebARX, versions 1.3.4 to 1.6.1 of the ThemeGrill Demo Importer plugin are vulnerable to the bug, which could allow unauthenticated attackers to launch remote attacks on WordPress sites that have the plugin installed.
Attackers can exploit the vulnerability in ThemeGrill Demo Importer by sending a specially crafted payload to sites that have an older version of the plugin installed in order to trigger a function inside the plugin.
This function can be used to wipe the database of a WordPress site where a ThemeGrill theme is active and the vulnerable plugin is installed. Additionally, if the site's database contains a user named "admin", then the attacker is granted access to that user along with full administrator rights over the site.
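The class of bug described above is a privileged action that a plugin wires to a request parameter without first checking who is asking. The following is an added illustration, not the ThemeGrill Demo Importer's own code: a hypothetical "reset demo content" handler written the insecure way, beside a hardened version that refuses the request unless it comes from a logged-in administrator, over POST, with a valid nonce. The plugin slug, function names and the `do_demo_reset` parameter are invented for the example; the WordPress API calls (`add_action`, `current_user_can`, `check_admin_referer`, `wp_nonce_field`, `wp_die`, `get_user_by`, `wp_set_auth_cookie`) are real.

```php
<?php
/**
 * Added illustration (not ThemeGrill's code) of an unauthenticated
 * privileged action in a WordPress plugin, and how to harden it.
 * All plugin-specific names and the trigger parameter are hypothetical.
 */

// --- Vulnerable pattern -------------------------------------------------
// 'admin_init' fires for every request into /wp-admin/, including
// admin-ajax.php, before any capability check has been made. A handler
// hooked here that acts on a query parameter alone can be reached by
// anyone able to send an HTTP request to the site.
function demo_importer_reset_insecure() {
	if ( empty( $_GET['do_demo_reset'] ) ) { // hypothetical trigger parameter
		return;
	}
	demo_importer_wipe_tables(); // destructive reset, no auth or nonce check

	// Switching the session to whatever account is called "admin" hands that
	// account to the caller whenever such a user exists.
	$admin = get_user_by( 'login', 'admin' );
	if ( $admin ) {
		wp_set_current_user( $admin->ID );
		wp_set_auth_cookie( $admin->ID );
	}
}
// add_action( 'admin_init', 'demo_importer_reset_insecure' ); // never ship this

// --- Hardened pattern ---------------------------------------------------
function demo_importer_reset_secure() {
	// Reading only from $_POST means a GET link or image tag cannot fire it.
	if ( empty( $_POST['do_demo_reset'] ) ) {
		return;
	}
	// 1. Only an authenticated user holding 'manage_options' may reset the site.
	if ( ! is_user_logged_in() || ! current_user_can( 'manage_options' ) ) {
		wp_die( 'Insufficient permissions.', '', array( 'response' => 403 ) );
	}
	// 2. The request must carry a nonce issued to this user for this action,
	//    so a forged cross-site request from an admin's browser is refused.
	//    check_admin_referer() calls wp_die() itself on failure.
	check_admin_referer( 'demo_importer_reset', '_demo_reset_nonce' );

	demo_importer_wipe_tables();

	// 3. Never switch the session to a fixed account: the caller has already
	//    proven they are an administrator, and a user named "admin" is not a
	//    trust anchor.
	wp_safe_redirect( admin_url( 'themes.php?demo_reset=done' ) );
	exit;
}
add_action( 'admin_init', 'demo_importer_reset_secure' );

// Settings-page form that issues the nonce the secure handler verifies.
function demo_importer_reset_form() {
	echo '<form method="post">';
	wp_nonce_field( 'demo_importer_reset', '_demo_reset_nonce' );
	submit_button( 'Reset demo content', 'delete', 'do_demo_reset' );
	echo '</form>';
}

// Stand-in for the destructive reset (hypothetical). Left non-destructive
// here on purpose; a real implementation would drop and recreate tables.
function demo_importer_wipe_tables() {
	do_action( 'demo_importer_reset_requested' );
}
```

The two checks that matter are the capability test and the nonce: the first stops unauthenticated and low-privilege callers, the second stops a logged-in administrator from being tricked into triggering the action from another site. Note that `admin_init` is not a protected hook; a plugin that needs a user-facing trigger should also register it through `admin_post_{action}` or a dedicated settings page so the handler never runs on a bare request.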
Researchers at WebARX first discovered the vulnerability earlier this month and quickly reported their findings to ThemeGrill. The company has since released a new version of ThemeGrill Demo Importer which fixes the bug.
However, at the time of writing, the latest version of the plugin, version 1.6.3, has been installed over 100,000 times, which means that many users have yet to update their sites. If you have the ThemeGrill Demo Importer plugin installed on your site, it is highly recommended that you update it immediately to avoid falling victim to any attacks that exploit the vulnerability present in earlier versions.