Your browser does not seem to support JavaScript. As a result, your viewing experience will be diminished, and you have been placed in read-only mode.

Please download a browser that supports JavaScript, or enable it if it's disabled (i.e. NoScript).

WordPress Plugin Bug Lets Subscribers Wipe Sites

Vulnerabilities

1

1

20

Log in to reply

Cerberus last edited by

The flaw, found in the Hashthemes Demo Importer plugin, allows any authenticated user to exsanguinate a vulnerable site, deleting nearly all database content and uploaded media.

https://threatpost.com/wordpress-plugin-bug-wipe-sites/175826/
DISCLAIMER: Please note, that this article is not the work of (or owned by) Hostrisk.com. Attribution and copyright of this article is retained in full by the original author referred to in the Source link above
1 Reply Last reply
Reply Quote 0

1 / 1