Together, towards a better future

Critical Flaw in Wordpress Theme Leaves 200,000 Websites Open to Hackers

WordPress theme plugin with over 200,000 active installations contains a severe but easy-to-exploit software vulnerability that, if left unpatched, could let unauthenticated remote attackers compromise a wide range of websites and blogs.


1 min read
Critical Flaw in Wordpress Theme Leaves 200,000 Websites Open to Hackers

The vulnerable plugin in question is 'ThemeGrill Demo Importer' that comes with free as well as premium themes sold by the software development company ThemeGrill.

According to a report WebARX security company shared with Hack Hex, when a ThemeGrill theme is installed and activated, the affected plugin executes some functions with administrative privileges without checking whether the user running the code is authenticated and is an admin.

"Here we see (in the screenshot) that there is no authentication check, and only the do_reset_wordpress parameter needs to be present in the URL on any 'admin' based page of WordPress, including /wp-admin/admin-ajax.php."

According to the WebARX researchers, the vulnerability affects ThemeGrill Demo Importer plugin version 1.3.4 up to 1.6.1, all released in the last 3 years.

"This is a serious vulnerability and can cause a significant amount of damage. Since it requires no suspicious-looking payload, it is not expected for any firewall to block this by default, and a special rule needs to be created to block this vulnerability," the WebARX researchers said.

WebARX, which provides vulnerability detection and virtual patching software to protect websites from the third-party component vulnerabilities. responsibly reported this vulnerability to ThemeGrill developers two weeks ago, who then released a patched version 1.6.2 on February 16.

Newsletter
Get all the latest posts delivered straight to your inbox!
🎉 You've successfully subscribed to Hack Hex!
OK