[ad_1]
The flaw, found in the Hashthemes Demo Importer plugin, allows any authenticated user to exsanguinate a vulnerable WordPress site, deleting nearly all database content and uploaded media.
Researchers have discovered a homicidal WordPress plugin that allows subscribers to wipe sites clean of content.
The high-severity security flaw is found in Hashthemes Demo Importer, a plugin that’s used in more than 8,000 active installations.
According to security researchers at Wordfence, the vulnerability allows any authenticated user to…
More Info