Remote Wipe Plugin Bug Hits 200,000 WordPress Sites

Security researchers are warning of a new plugin vulnerability which is exposing over 200,000 WordPress sites to the risk of being remotely wiped by an attacker.

The problem lies with versions 1.3.4 and above and 1.6.1 and below of the ThemeGrill Demo Importer plugin, according to WebARX.

The firm said that the bug could allow any unauthenticated user to wipe the entire database to its default state and then log in as administrator.

“The prerequisite is that there must be a theme installed and activated that was published by ThemeGrill. In order to be automatically logged in as an administrator, there must be a user called ‘admin’ in the database. Regardless of this condition, the database will still be wiped to its default state,” the firm explained…..

Read the full article here :

Source : Phil Muncaster for Infosecurity-magazine.com

Squarespace the platform of choice for Wolfhound Digital

Squarespace Web Design & Development

Your Website Says Everything About You, It Should Be Great, It's Your Business Online.

Are you looking for new web design? Wolfhound Digital offer a completely customised Squarespace web design service for your business – whether you are a new start-up or a large multi-national, we design and develop fully-featured, optimised, and responsive websites with eCommerce options.

For Squarespace Web Design Ireland, contact us for an informal chat & advice on how Wolfhound Digital can help your business.

If you have any questions please send us a message. Once received, a member of our team will get in touch with you.

Tel +353 01 9121902