[ad_1]
A high severity security flaw found in a WordPress plugin with more than 8,000 active installs can let authenticated attackers reset and wipe vulnerable websites.
The plugin in question, known as Hashthemes Demo Importer, is designed to help admins import demos for WordPress themes with a single, without dealing with installing any dependencies.
The security bug would allow authenticated attackers to reset WordPress sites and delete almost all database content and uploaded media.
Wordfence QA engineer and threat analyst Ram Gall explained that the plugin failed to properly perform…
More Info