Remote Wipe Plugin Bug Hits 200,000+ WordPress Sites

Security researchers are warning of a new plugin vulnerability which is exposing over 200,000 WordPress sites to the risk of being remotely wiped by an attacker.



The problem lies with versions 1.3.4 through 1.6.1 of the ThemeGrill Demo Importer plugin, according to WebARX.



The firm said that the bug could allow any unauthenticated user to wipe the entire database to its default state and then log in as administrator.



“The prerequisite is that there must be a theme installed and activated that was published by ThemeGrill. In order to be automatically logged in as an administrator, there must be a user called ‘admin’ in the database. Regardless of this condition, the database will still be wiped to its default state,” the firm explained.



“Based on the SVN commit history, this issue has existed in the code for roughly three years, since version 1.3.4.”



WebARX warned that the vulnerability is particularly dangerous as it doesn’t require a suspicious-looking payload to exploit. For that reason, firewalls are not likely to block attacks by default and security admins would need to create a special rule for them to do so.
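The class of flaw the article describes, a destructive "reset" action that any unauthenticated request can reach, is easiest to see next to its fix. The following is an added illustration written for this page, not code from the ThemeGrill Demo Importer plugin or from WebARX: every name in it (the `example_*` functions, the `example_reset_site` request parameter and the nonce action string) is hypothetical, and the reset routine itself is left abstract.

```php
<?php
// Added example, not ThemeGrill or WebARX code. All identifiers are hypothetical.

// VULNERABLE PATTERN: 'admin_init' runs on every request that loads the admin
// bootstrap, which includes endpoints an anonymous visitor can reach, so an
// action gated only on the presence of a request parameter is effectively
// public. Nothing in such a request looks malicious to a generic firewall.
function example_vulnerable_reset_handler() {
    if ( isset( $_GET['example_reset_site'] ) ) {
        example_reset_site_to_defaults();
    }
}
add_action( 'admin_init', 'example_vulnerable_reset_handler' );

// HARDENED PATTERN: require a user with the capability that legitimately
// covers the action, a nonce bound to this specific action, and a POST body
// rather than a GET parameter, then record the event for audit.
function example_hardened_reset_handler() {
    if ( ! isset( $_POST['example_reset_site'] ) ) {
        return;
    }
    // current_user_can() is false for anonymous visitors, so this also
    // covers the "must be logged in" requirement.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( 'Insufficient permissions.', '', array( 'response' => 403 ) );
    }
    // Verifies the '_wpnonce' field against the action name; dies with a
    // 403 if the nonce is missing, expired, or issued for another action.
    check_admin_referer( 'example_reset_site_action' );

    error_log( sprintf(
        'site reset requested by user %d from %s',
        get_current_user_id(),
        isset( $_SERVER['REMOTE_ADDR'] ) ? $_SERVER['REMOTE_ADDR'] : 'unknown'
    ) );

    example_reset_site_to_defaults();
    wp_safe_redirect( admin_url() );
    exit;
}
add_action( 'admin_init', 'example_hardened_reset_handler' );

// The form that triggers the reset must carry the matching nonce, and is
// only rendered for users who could pass the capability check anyway.
function example_render_reset_form() {
    if ( ! current_user_can( 'manage_options' ) ) {
        return;
    }
    echo '<form method="post" action="' . esc_url( admin_url() ) . '">';
    wp_nonce_field( 'example_reset_site_action' );
    echo '<input type="hidden" name="example_reset_site" value="1" />';
    submit_button( 'Reset site to defaults (destructive)' );
    echo '</form>';
}

// Placeholder for the destructive operation; deliberately left abstract.
function example_reset_site_to_defaults() {
    // Drop and recreate the site's tables, reinstall defaults, etc.
}
```

The difference between the two handlers is the whole fix: the request that reaches the hardened handler carries no payload a firewall could recognise as hostile either, which is why the article notes that a WAF rule has to be written specifically for this plugin while the durable remedy is the capability and nonce check in the code itself.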



ThemeGrill is a popular provider of WordPress themes which users can deploy to customize their websites. The plugin in question can be used to demo content, widgets and theme settings quickly and easily.



The vulnerability is the second in the space of a month which could allow attackers to effectively wipe targeted WordPress sites.



Back in January, Wordfence warned ..