Get a Pentest and security assessment of your IT network.

Cyber Security

Active Exploits Hit Vulnerable WordPress ThemeGrill Plugin

Researchers are urging users of a vulnerable WordPress plugin, ThemeGrill Demo Importer, to update as soon as possible after discovering attackers are actively exploiting a flaw in the plugin. The plugin allows unauthenticated, remote attackers to execute some administrator functions without checking if they are an administrator. One such function is the capability to wipe the entire database of the vulnerable website, bringing it to its default state and clearing website databases of existing posts and user roles. After carrying out this action, an attacker would also then then be logged in as an administrator giving them complete control over the website.

Source: https://threatpost.com/active-exploits-hit-vulnerable-wordpress-themegrill-plugin/152947/

Related posts
Cyber Security

Zip Codes & PII: Are They Personal Data?

Cyber Security

Zero-Day Vulnerabilities: User Defence Guide

Cyber Security

Zero Knowledge Voting with Trusted Server

Cyber Security

ZeroNet: 51% Attack Risks & Mitigation