Blog | G5 Cyber Security

Unsafe WordPress Plugin Installed on Nearly 200,000 Sites

ThemeGrill Demo Importer for WordPress has been updated to remove a critical bug that gives admin privileges to unauthenticated users. The vulnerability is present on more than 200,000 WordPress sites. The plugin is used for easy import of WordPress themes demo content, widgets, and settings. The bug is present in versions of the plugin 1.3.4 up to 1.6.1. The most popular active versions are 1.4 through.1.6, which account for more than 98% of current installations.

Source: https://www.bleepingcomputer.com/news/security/unsafe-wordpress-plugin-installed-on-nearly-200-000-sites/

Exit mobile version