WordPress Plugin Bug Lets Subscribers Wipe Sites – Threatpost

[ad_1]

The flaw, found in the Hashthemes Demo Importer plugin, allows any authenticated user to exsanguinate a vulnerable WordPress site, deleting nearly all database content and uploaded media.

Researchers have discovered a homicidal WordPress plugin that allows subscribers to wipe sites clean of content.

The high-severity security flaw is found in Hashthemes Demo Importer, a plugin that’s used in more than 8,000 active installations.

According to security researchers at Wordfence, the vulnerability allows any authenticated user to…

[ad_2]
More Info

About mblog.my

Check Also

Adding Images From Your Phone With Ease – WordPress.com News

Adding Images From Your Phone With Ease – WordPress.com News

[ad_1] We’re excited to share a new feature in the desktop editor and Jetpack mobile …

Leave a Reply

Your email address will not be published. Required fields are marked *