WebARX specialists warned that WordPress users urgently need to update the ThemeGrill Demo Importer plugin, developed by ThemeGrill, a company that creates and sells commercial WordPress themes.
According to official statistics, ThemeGrill Demo Importer is installed on more than 200,000 sites. The plugin allows site owners to import demo content, widgets and settings for ThemeGrill themes.
WebARX experts write that, because of the vulnerability, remote and unauthenticated attackers can send a specially crafted request to a vulnerable site that triggers a particular plugin function. The ThemeGrill product includes a function that completely resets the site: it erases all content of a site running an active ThemeGrill theme and replaces it with demo data.
In addition, if the site database contains a user named admin, the attacker can gain access to that account and all of its privileges.
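The class of bug described above is a destructive plugin action reachable without an authorisation check. The following is an added illustrative example, not ThemeGrill's code and not taken from the advisory: a hypothetical demo-reset handler written in the vulnerable pattern (hooked on a request that any visitor can trigger, with no capability check and no nonce, and with a side effect that logs the requester in as a privileged account) beside a hardened version of the same handler. The function names, the demo_reset request parameter and the nonce action name are assumptions; the WordPress API calls (add_action, current_user_can, check_admin_referer, wp_die, get_posts, wp_delete_post, get_user_by, wp_set_auth_cookie) are real.

```php
<?php
// Illustrative, hypothetical plugin code (assumed names throughout;
// not ThemeGrill's own code). Shows a destructive reset action in a
// vulnerable form and in a hardened form.

// --- Vulnerable pattern -------------------------------------------------
// 'init' fires on every request, including unauthenticated front-end
// requests. Acting on a request parameter here with no capability check
// and no nonce means anyone who can reach the site can trigger the reset.
function demo_importer_vulnerable_reset() {
    if ( empty( $_GET['demo_reset'] ) ) {   // 'demo_reset' is an assumed parameter name
        return;
    }

    demo_importer_wipe_site();               // destructive; runs for any requester

    // A side effect of the kind that turns a wipe into an account takeover
    // (assumed here to illustrate the risk): after the reset, the requester
    // is authenticated as whatever account is named 'admin'.
    $admin = get_user_by( 'login', 'admin' );
    if ( $admin ) {
        wp_set_auth_cookie( $admin->ID );
    }
}
// add_action( 'init', 'demo_importer_vulnerable_reset' );  // left disabled in this example

// --- Hardened pattern ---------------------------------------------------
// 1. Hook only into admin-area requests.
// 2. Require an explicit capability before doing anything destructive.
// 3. Require a nonce tied to this specific action (CSRF protection).
// 4. Never authenticate the requester as another user as a side effect.
function demo_importer_hardened_reset() {
    if ( empty( $_GET['demo_reset'] ) ) {
        return;
    }
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( 'Insufficient permissions.', '', array( 'response' => 403 ) );
    }
    // Verifies the _wpnonce request field for the assumed action name
    // 'demo_importer_reset'; dies with a 403 if it is missing or invalid.
    check_admin_referer( 'demo_importer_reset' );

    demo_importer_wipe_site();
    // No auth-cookie manipulation: the caller is already an authorised admin.
}
add_action( 'admin_init', 'demo_importer_hardened_reset' );

// Shared destructive routine: deletes every post of every type, then
// (in a real plugin) re-imports demo content.
function demo_importer_wipe_site() {
    $posts = get_posts( array(
        'post_type'   => 'any',
        'post_status' => 'any',
        'numberposts' => -1,
    ) );
    foreach ( $posts as $post ) {
        wp_delete_post( $post->ID, true );   // true = bypass trash, delete permanently
    }
    // demo_importer_import_demo();  // assumed import routine, not shown
}
```

When reviewing a plugin for this pattern, the questions to ask of every handler that writes or deletes data are the same three the hardened version answers: which hook reaches it (and whether unauthenticated requests fire that hook), which capability it requires, and which nonce it verifies. A fourth check specific to this case is whether any code path sets authentication cookies for an account the requester did not log into.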
According to the researchers, all versions of ThemeGrill Demo Importer from 1.3.4 to 1.6.1 are vulnerable, meaning the problem was present in the code for about three years.
ThemeGrill developers have already fixed the bug and released an updated version of the plugin (1.6.2), to which all users are strongly recommended to upgrade. So far, WebARX specialists have recorded and blocked more than 16,000 attempts to exploit the new vulnerability.