Critical Bug in WordPress Theme Plugin: A popular WordPress theme plugin with more than 200,000 active installations contained a severe but easy-to-exploit vulnerability that could allow unauthenticated remote attackers to gain administrator privileges and reset a site's entire database to its default state if left unpatched.
The vulnerable plugin is 'ThemeGrill Demo Importer', which is freely available and also ships with WordPress themes sold by the software development company ThemeGrill.
The ThemeGrill Demo Importer plugin was developed to let WordPress site admins import demo content, widgets, and settings from ThemeGrill, making quick customization of a theme easier. A critical bug has now been found in ThemeGrill Demo Importer that can cause major damage to your site.
According to a new report from the security company WebARX, shared with The Hacker News, when the theme is installed and activated on your site, the affected plugin performs certain tasks with admin privileges without checking whether the user triggering the code is authenticated or is an admin.
In the end, this flaw could allow unauthenticated users to wipe the entire database of a targeted website back to its default state, after which they would also be logged in automatically as an administrator, giving them complete control over the site.
"In the above screenshot we can see that there is no authentication check, and only the do_reset_wordpress parameter needs to be present in the URL on any 'admin' based page of WordPress, including /wp-admin/admin-ajax.php."
According to the WebARX researchers, the vulnerability affects ThemeGrill Demo Importer versions 1.3.4 through 1.6.1, which were released over the last 3 years.
"This is a serious vulnerability and leads to a significant amount of damage. Since it requires no suspicious-looking payload, it is not expected for any firewall to block this by default, and a special rule needs to be created to block this vulnerability," the WebARX researchers said.
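The root cause described above is an admin_init action that performs a privileged operation while checking only that a query parameter is present. The following PHP is an added illustration written for this article, not the plugin's own source: the function names, the manage_options capability choice and the nonce action string are assumptions, and the insecure variant is shown only for contrast and is never registered.

```php
<?php
// Illustrative reconstruction of the vulnerable pattern (NOT the plugin's
// real code). admin_init fires on every /wp-admin/ request, including
// /wp-admin/admin-ajax.php, which unauthenticated visitors can reach, so
// the presence of a parameter says nothing about who the caller is.
function demo_importer_reset_insecure() {
    if ( isset( $_GET['do_reset_wordpress'] ) ) {
        demo_importer_perform_reset(); // destructive action, no gate at all
    }
}
// Deliberately NOT hooked: add_action( 'admin_init', 'demo_importer_reset_insecure' );

// Hardened form. Every privileged action must establish, before touching
// the database, that (1) the request is meant for us, (2) the caller is
// logged in with the right capability, (3) the request carries a valid
// nonce minted for this exact action, and (4) it arrived via POST.
function demo_importer_reset_secure() {
    // 1. Not our request: do nothing, leave the rest of admin_init alone.
    if ( ! isset( $_POST['do_reset_wordpress'] ) ) {
        return;
    }
    // 2. Authentication and authorization. Only administrators may reset a
    //    site; fail closed with a 403 for anonymous or under-privileged users.
    if ( ! is_user_logged_in() || ! current_user_can( 'manage_options' ) ) {
        wp_die( esc_html__( 'Insufficient permissions.', 'demo-importer' ), '', array( 'response' => 403 ) );
    }
    // 3. CSRF protection: the nonce must match the action this handler serves.
    $nonce = isset( $_POST['_wpnonce'] ) ? sanitize_text_field( wp_unslash( $_POST['_wpnonce'] ) ) : '';
    if ( ! wp_verify_nonce( $nonce, 'demo_importer_reset' ) ) {
        wp_die( esc_html__( 'Invalid request token.', 'demo-importer' ), '', array( 'response' => 403 ) );
    }
    // 4. Reject anything that is not a POST so a bare link cannot trigger it.
    if ( 'POST' !== strtoupper( $_SERVER['REQUEST_METHOD'] ?? '' ) ) {
        wp_die( esc_html__( 'Method not allowed.', 'demo-importer' ), '', array( 'response' => 405 ) );
    }
    demo_importer_perform_reset();
}
add_action( 'admin_init', 'demo_importer_reset_secure' );

// Hypothetical placeholder for the reset routine the article describes.
function demo_importer_perform_reset() {
    // Real implementation would live here; it must never run before the checks above.
}

// The settings page that offers the button must emit the matching nonce:
// wp_nonce_field( 'demo_importer_reset', '_wpnonce' );
```

The same four checks give a firewall something concrete to key on: a do_reset_wordpress request that is not an authenticated POST to the plugin's own settings page is the anomaly the researchers say a default ruleset would otherwise miss.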
Researchers at WebARX first discovered the vulnerability last month and promptly reported their findings to ThemeGrill; WebARX also provides virtual patching software to protect websites from vulnerabilities in third-party components. ThemeGrill has since released a new version of ThemeGrill Demo Importer that fixes the bug.
If you have the ThemeGrill Demo Importer plugin installed on your website, it is highly recommended that you update it immediately to avoid falling victim to attacks that exploit the vulnerability present in earlier versions.