WebARX specialists warned that WordPress users urgently need to update the ThemeGrill Demo Importer plugin. It is developed by ThemeGrill, a company that creates and sells commercial WordPress themes.
According to official statistics, ThemeGrill Demo Importer is installed on over 200,000 sites. The plugin lets site owners import demo content, widgets and settings for ThemeGrill themes.
WebARX experts write that the vulnerability lets remote, unauthenticated attackers send a specially crafted request to a vulnerable site that triggers one of the plugin's functions without any login. That function performs a full reset of the site: on a site with a ThemeGrill theme active, all existing content is erased and replaced with the demo data.
In addition, if the site database contains a user named "admin", the attacker gains access to that account after the reset, with all of its privileges.
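The bug class described above is a destructive, privileged action that is reachable without any check of who is calling it. The block below is an added illustration written for this page, not ThemeGrill's plugin code, and the page does not describe how ThemeGrill's own patch works. It shows a hypothetical plugin that hooks a reset routine onto a WordPress action and guards it with nothing but a request parameter, beside a hardened version that requires an administrator capability and a nonce. All hook, function and parameter names (`example_reset_handler_vulnerable`, `example_do_reset`, `example_reset_site`, and so on) are assumptions made for the illustration.

```php
<?php
// Added illustration of the bug class (not the ThemeGrill plugin's code).
// Every example_* name below is hypothetical.

// VULNERABLE: a destructive action guarded only by a request parameter.
// The 'admin_init' action fires for every request into wp-admin, including
// admin-ajax.php, which WordPress serves to unauthenticated visitors as well,
// so anyone who can reach the site can trigger the reset.
add_action( 'admin_init', 'example_reset_handler_vulnerable' );
function example_reset_handler_vulnerable() {
    if ( empty( $_GET['example_do_reset'] ) ) {
        return;
    }
    example_reset_site(); // no identity, capability or nonce check at all
}

// HARDENED: the same feature, reachable only by a logged-in administrator
// submitting a nonce-protected POST form.
add_action( 'admin_init', 'example_reset_handler_hardened' );
function example_reset_handler_hardened() {
    if ( empty( $_POST['example_do_reset'] ) ) {
        return;
    }
    // 1. The caller must be authenticated and allowed to administer the site.
    if ( ! is_user_logged_in() || ! current_user_can( 'manage_options' ) ) {
        wp_die( 'Insufficient permissions.', '', array( 'response' => 403 ) );
    }
    // 2. The request must carry a valid nonce bound to this action (CSRF guard).
    //    check_admin_referer() terminates the request if the nonce is missing or stale.
    check_admin_referer( 'example_reset_site_action', 'example_reset_nonce' );
    // 3. State-changing work only after both checks passed.
    example_reset_site();
}

// Hypothetical reset routine. It destroys content, which is exactly why it must
// never be reachable without the checks above.
function example_reset_site() {
    $posts = get_posts( array(
        'post_type'   => 'any',
        'post_status' => 'any',
        'numberposts' => -1,
    ) );
    foreach ( $posts as $post ) {
        wp_delete_post( $post->ID, true );
    }
}

// The admin page that renders the reset button emits the matching nonce field,
// so only a form served to this administrator in this session can trigger it.
function example_render_reset_form() {
    ?>
    <form method="post">
        <?php wp_nonce_field( 'example_reset_site_action', 'example_reset_nonce' ); ?>
        <button type="submit" name="example_do_reset" value="1">Reset site</button>
    </form>
    <?php
}
```

A further tightening, left out above to keep the contrast clear, is to register the handler on the `admin_post_{action}` hook instead of `admin_init`: WordPress only runs `admin_post_*` callbacks for logged-in users (anonymous requests go to `admin_post_nopriv_*`), so the handler is never even invoked for an unauthenticated visitor. The capability and nonce checks are still required there; the hook choice only narrows the attack surface.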
According to the researchers, all versions of ThemeGrill Demo Importer from 1.3.4 through 1.6.1 are vulnerable, which means the problem has been present in the code for about three years.
ThemeGrill has already fixed the bug and released an updated version of the plugin, 1.6.2, and all users are strongly advised to upgrade to it. WebARX reports that it has already recorded and blocked more than 16,000 attempts to exploit the freshly disclosed problem.