Do you have a page on WordPress? Be careful or…

...your site might be hacked.

All thanks to the free plugin called “ThemeGrill Demo Importer” which imports ThemeGrill themes with one click.

There is a flaw in the plugin code: the plugin performs certain operations with administrator privileges, and the check that should verify who is making the request is bypassed. In effect, anyone who can reach a site with this plugin installed can trigger administrator-level operations. The consequence is that the flaw may allow unauthenticated remote attackers to reset the entire database of a target website to its default state, after which they are automatically logged in as an administrator, which in turn gives them full control of the website and its subpages.
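The class of bug described above is a privileged action reachable without an authorization check. As an added illustration (not the ThemeGrill plugin's code; all function, hook and nonce names are hypothetical), this is what a "reset site" handler looks like when it carries the checks the flaw omitted:

```php
<?php
/**
 * Hypothetical WordPress "reset site" action with the checks missing from
 * the flaw described above. Names are made up for illustration.
 */

// Hook the handler to an admin-only action, not to a front-end hook such
// as 'init' that fires for every anonymous visitor.
add_action( 'admin_post_example_reset_site', 'example_handle_reset_site' );

function example_handle_reset_site() {
    // 1. The caller must be logged in AND allowed to manage the site.
    //    Skipping this is what lets any visitor trigger the operation.
    if ( ! is_user_logged_in() || ! current_user_can( 'manage_options' ) ) {
        wp_die( 'Insufficient permissions.', 'Forbidden', array( 'response' => 403 ) );
    }

    // 2. The request must carry a valid nonce (generated on the form with
    //    wp_nonce_field( 'example_reset_site', 'example_reset_nonce' )), so a
    //    logged-in admin cannot be tricked into triggering it via a crafted link.
    check_admin_referer( 'example_reset_site', 'example_reset_nonce' );

    // 3. Require an explicit confirmation value rather than the mere
    //    presence of a request parameter.
    $confirm = isset( $_POST['confirm'] ) ? sanitize_text_field( wp_unslash( $_POST['confirm'] ) ) : '';
    if ( 'yes' !== $confirm ) {
        wp_safe_redirect( admin_url( 'tools.php?reset=cancelled' ) );
        exit;
    }

    // Only now may the destructive operation run.
    example_do_reset();

    wp_safe_redirect( admin_url( 'tools.php?reset=done' ) );
    exit;
}

function example_do_reset() {
    // Placeholder for the actual reset logic; deliberately left empty here.
}
```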

The scale of the problem can be large: according to WordPress statistics, the plugin was installed over 100,000 times (and according to other sources, over 200,000 times).

According to WebARX researchers, this vulnerability affects the ThemeGrill Demo Importer plugin version 1.3.4 to 1.6.1, which is all versions released in the last 3 years.

“This is a serious security vulnerability that can cause significant damage. Because it does not require a suspicious payload, no firewall blocks it by default, so a special rule should be created to block this vulnerability.”

said WebARX researchers. WebARX is a company that provides vulnerability detection software and virtual patching to protect websites from vulnerabilities in third-party components. The group reported the vulnerability to the ThemeGrill developers two weeks ago, who did eventually release the patched version 1.6.2 on February 16th.

I do use WordPress – what do I do?

You have two options – either use the plugin or not 😂 And now let’s be serious: I recommend discontinuing this component. WordPress is the most popular CMS on the market and there are tons of different plugins that can replace the one you use. If you have any experiences or thoughts related to this story or WordPress, I encourage you to share them in the discussion 😊
