Brutal WordPress plugin bug allows subscribers to wipe sites

[ad_1]

Brutal WordPress plugin bug allows subscribers to wipe sites

A high severity security flaw found in a WordPress plugin with more than 8,000 active installs can let authenticated attackers reset and wipe vulnerable websites.

The plugin in question, known as Hashthemes Demo Importer, is designed to help admins import demos for WordPress themes with a single, without dealing with installing any dependencies.

The security bug would allow authenticated attackers to reset WordPress sites and delete almost all database content and uploaded media.

Wordfence QA engineer and threat analyst Ram Gall explained that the plugin failed to properly perform…

[ad_2]
More Info

About mblog.my

Check Also

Adding Images From Your Phone With Ease – WordPress.com News

Adding Images From Your Phone With Ease – WordPress.com News

[ad_1] We’re excited to share a new feature in the desktop editor and Jetpack mobile …

Leave a Reply

Your email address will not be published. Required fields are marked *