A security bug is a familiar term in cyber crime. In general, a software bug is a fault that stops a program from working as intended; a security bug is a flaw that an attacker can exploit to gain unauthorized access to, or control over, a target system.
ThemeGrill, a web development company that sells WordPress themes, has recently released a security patch. Site owners who use its commercial themes need to update a plugin that comes installed with the theme in order to fix a critical bug that lets attackers wipe their sites. The vulnerability is in ThemeGrill Demo Importer, a plugin that ships with the themes ThemeGrill sells.
The plugin, installed on more than 200,000 sites, has a feature that lets site owners import demo content into their ThemeGrill theme. This gives them an example and a starting point from which to build their site.
In a report by the WordPress security firm WebARX, it is said that “In versions 1.3.4 and above and versions 1.6.1 and below, there is a vulnerability that allows an unauthenticated user to wipe the entire database to its default state after which they are automatically logged in as an administrator”. In other words, those versions of ThemeGrill Demo Importer can be attacked remotely, without any login, by anyone who can reach the site.
An attacker sends specially crafted data to a vulnerable site, which triggers a reset function inside the plugin. That function wipes the site's content back to its default, empty state on any site where a ThemeGrill theme is active and the vulnerable plugin is installed. A similar issue was recently reported in the WP Database Reset plugin, which is installed on more than 80,000 sites.
ThemeGrill Demo Importer versions 1.3.4 through 1.6.1 were found to be vulnerable. The developers fixed the bug and released version 1.6.2.
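To make this class of bug concrete, below is an added example written for this article; it is not the ThemeGrill Demo Importer's own code and does not claim to show how that plugin was written. It puts a vulnerable pattern (a destructive "reset" reachable on every request, with a request parameter as the only check) beside a hardened version that requires an authenticated administrator and a valid nonce. The function names, the `demo_reset` request parameter, the nonce action name and the set of tables truncated are assumptions made for the example.

```php
<?php
/**
 * Illustrative example only. Not the ThemeGrill Demo Importer source.
 * Shows a destructive admin action exposed to unauthenticated requests,
 * and the same action gated the way WordPress plugins should gate it.
 * Names (example_*, 'demo_reset', the nonce action) are assumptions.
 */

// ---- Vulnerable pattern -------------------------------------------------
// 'init' fires on every request, including requests from anonymous
// visitors. The only "check" is that a query parameter is present, so
// anyone who can reach the site can trigger the reset.
function example_vulnerable_reset_handler() {
    if ( isset( $_GET['demo_reset'] ) ) {
        example_reset_database();
    }
}
add_action( 'init', 'example_vulnerable_reset_handler' );

// ---- Hardened pattern ---------------------------------------------------
// 'admin_init' only runs for dashboard requests; the handler then requires
// the manage_options capability (administrators) and a valid nonce, so a
// logged-in admin cannot be tricked into the action by CSRF either.
function example_hardened_reset_handler() {
    if ( ! isset( $_POST['demo_reset'] ) ) {
        return;
    }
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( 'Insufficient permissions.', '', array( 'response' => 403 ) );
    }
    // check_admin_referer() calls wp_die() itself if the nonce is missing
    // or invalid, so execution only continues for a genuine admin form post.
    check_admin_referer( 'example_demo_reset', 'example_demo_reset_nonce' );

    example_reset_database();
    // Do not create accounts or log anyone in as a side effect of the
    // reset: the administrator who triggered it is already authenticated.
    wp_safe_redirect( admin_url( 'index.php?example_reset=done' ) );
    exit;
}
add_action( 'admin_init', 'example_hardened_reset_handler' );

// Shared destructive helper. This truncates a constructed subset of the
// content tables to stand in for a "reset to default state".
function example_reset_database() {
    global $wpdb;
    $tables = array( $wpdb->posts, $wpdb->postmeta, $wpdb->comments, $wpdb->commentmeta );
    foreach ( $tables as $table ) {
        $wpdb->query( "TRUNCATE TABLE {$table}" );
    }
}

// Form an administrator submits to reach the hardened handler. The nonce
// field is what check_admin_referer() above validates.
function example_render_reset_form() {
    echo '<form method="post" action="' . esc_url( admin_url() ) . '">';
    wp_nonce_field( 'example_demo_reset', 'example_demo_reset_nonce' );
    echo '<input type="hidden" name="demo_reset" value="1">';
    submit_button( 'Reset demo content' );
    echo '</form>';
}
```

The two versions differ in three ways a reviewer should look for in any plugin that performs a destructive action: the hook it is attached to (every request versus dashboard requests only), an explicit capability check, and a nonce check against cross-site request forgery. Any one of these missing on a "reset" or "import" endpoint is worth reporting.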
Other notable WordPress bugs disclosed recently:
1. A stored cross-site scripting (XSS) vulnerability in the GDPR Cookie Consent plugin, used on more than 700,000 active sites. An authenticated user could store script that runs in other users' browsers, allowing privilege escalation.
2. A cross-site request forgery (CSRF) to remote code execution vulnerability in the Code Snippets plugin, used on more than 200,000 sites.
3. An authentication bypass bug in the Infinite WP plugin, used on more than 300,000 sites. A logic flaw in the code allowed a user to log in to an administrator account without a password.
Update to the patched version to stay safe from vulnerabilities of this kind. Always back up your site and database before proceeding. Watch for suspicious new accounts, administrator accounts in particular, and delete any you did not create. Be careful when making changes, though: removing a component that is in fact legitimate can break your site. After a compromise it is safer to reinstall all plugins from a clean source so that no residual malware remains. To protect your organization from attacks of this kind, consult an expert cyber security consultancy.