
38 matches found

Nuclei
added yesterday, 8 views

ThemeGrill Demo Importer < 1.6.2 - Database Reset

ThemeGrill Demo Importer before 1.6.2 does not require authentication for wiping the database due to a reset_wizard_actions hook. In versions 1.3.4 and above and versions 1.6.1 and below, there is a vulnerability that allows any unauthenticated user to wipe the entire database to its default state...

CVSS 9.1, AI score 7.3, EPSS 0.03429
Exploits: 1, References: 2

RedhatCVE
added 2026/04/22 1:22 a.m., 3 views

CVE-2026-40730

Missing Authorization vulnerability in ThemeGrill ThemeGrill Demo Importer themegrill-demo-importer allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects ThemeGrill Demo Importer: from n/a through = 2.0.0.6...

CVSS 5.3, AI score 5.8, EPSS 0.00195
Exploits: 0, References: 1

NVD
added 2026/04/15 11:16 a.m., 4 views

CVE-2026-40730

Missing Authorization vulnerability in ThemeGrill ThemeGrill Demo Importer themegrill-demo-importer allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects ThemeGrill Demo Importer: from n/a through = 2.0.0.6...

CVSS 5.3, EPSS 0.00195
Exploits: 0, References: 1

CVE
added 2026/04/15 10:21 a.m., 8 views

CVE-2026-40730

CVE-2026-40730 describes a missing authorization flaw in the WordPress ThemeGrill Demo Importer plugin that enables access-control misconfigurations (affected: ThemeGrill Demo Importer up to and including 2.0.0.6). Connected sources confirm the issue, with the PT-2026-33041 advisory identifying v...

CVSS 5.3, AI score 5.8, EPSS 0.00195
Exploits: 0, References: 1

ATTACKERKB
added 2026/04/15 10:21 a.m., 2 views

CVE-2026-40730

Missing Authorization vulnerability in ThemeGrill ThemeGrill Demo Importer themegrill-demo-importer allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects ThemeGrill Demo Importer: from n/a through = 2.0.0.6...

AI score 5.8, EPSS 0.00195
Exploits: 0, References: 2

Cvelist
added 2026/04/15 10:21 a.m., 29 views

CVE-2026-40730 WordPress ThemeGrill Demo Importer plugin <= 2.0.0.6 - Broken Access Control vulnerability

Missing Authorization vulnerability in ThemeGrill ThemeGrill Demo Importer themegrill-demo-importer allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects ThemeGrill Demo Importer: from n/a through = 2.0.0.6...

CVSS 5.3, EPSS 0.00195
Exploits: 0, References: 1

CNNVD
added 2026/04/15 12:0 a.m., 8 views

WordPress plugin ThemeGrill Demo Importer security vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

CVSS 5.3, AI score 5.8, EPSS 0.00195
Exploits: 0, References: 1

Positive Technologies
added 2026/04/15 12:0 a.m., 5 views

PT-2026-33041

Name of the Vulnerable Software and Affected Versions: ThemeGrill Demo Importer versions prior to 2.0.0.7. Description: ThemeGrill Demo Importer contains a missing authorization flaw that allows the exploitation of incorrectly configured access control security levels. Recommendations: Update to a...

AI score 5.8, EPSS 0.00195
Exploits: 0, References: 4

EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2020-23871

Malware in sbrugna...

CVSS 8.8, AI score 8.6, EPSS 0.00646
Exploits: 1, References: 3

EUVD
added 2025/10/07 12:30 a.m., 8 views

EUVD-2020-30789

Malware in sbrugna...

CVSS 9.9, AI score 6.4, EPSS 0.00568
Exploits: 0, References: 5

EUVD
added 2025/10/03 8:7 p.m., 5 views

EUVD-2025-25268

Malicious code in bioql PyPI...

CVSS 4.3, AI score 6.5, EPSS 0.0022
Exploits: 0, References: 3

NVD
added 2025/08/20 7:15 a.m., 10 views

CVE-2025-9202

The ColorMag theme for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the welcomenoticeimporthandler function in all versions up to, and including, 4.0.19. This makes it possible for authenticated attackers, with Subscriber-level access and above...

CVSS 4.3, EPSS 0.0022
Exploits: 0, References: 3

RedhatCVE
added 2025/05/22 4:22 p.m., 6 views

CVE-2020-36334

themegrill-demo-importer before 1.6.3 allows CSRF, as demonstrated by wiping the database...

CVSS 8.8, AI score 7, EPSS 0.00646
Exploits: 1

RedhatCVE
added 2025/05/22 3:29 p.m., 5 views

CVE-2020-36333

themegrill-demo-importer before 1.6.2 does not require authentication for wiping the database, because of a reset_wizard_actions hook...

CVSS 9.1, AI score 7.2, EPSS 0.03429
Exploits: 1

NVD
added 2024/10/16 7:15 a.m., 11 views

CVE-2020-36837

The ThemeGrill Demo Importer plugin for WordPress is vulnerable to authentication bypass due to a missing capability check on the reset_wizard_actions function in versions 1.3.4 through 1.6.1. This makes it possible for authenticated attackers to reset the WordPress database. After which, if there ...

CVSS 9.9, EPSS 0.00568
Exploits: 0, References: 4

Vulnrichment
added 2024/10/16 6:43 a.m., 12 views

CVE-2020-36837 ThemeGrill Demo Importer 1.3.4 - 1.6.1 - Authorization Bypass to Site Reset

The ThemeGrill Demo Importer plugin for WordPress is vulnerable to authentication bypass due to a missing capability check on the reset_wizard_actions function in versions 1.3.4 through 1.6.1. This makes it possible for authenticated attackers to reset the WordPress database. After which, if there ...

CVSS 9.9, AI score 7, EPSS 0.00568
Exploits: 0, References: 4

Cvelist
added 2024/10/16 6:43 a.m., 21 views

CVE-2020-36837 ThemeGrill Demo Importer 1.3.4 - 1.6.1 - Authorization Bypass to Site Reset

The ThemeGrill Demo Importer plugin for WordPress is vulnerable to authentication bypass due to a missing capability check on the reset_wizard_actions function in versions 1.3.4 through 1.6.1. This makes it possible for authenticated attackers to reset the WordPress database. After which, if there ...

CVSS 9.9, EPSS 0.00568
Exploits: 0, References: 4

CNNVD
added 2024/10/16 12:0 a.m., 3 views

WordPress plugin ThemeGrill Demo Importer security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

CVSS 9.9, AI score 6.8, EPSS 0.00568
Exploits: 0, References: 6

VulnCheck KEV
added 2024/10/15 12:0 a.m., 2 views

VulnCheck KEV: CVE-2020-36837

The ThemeGrill Demo Importer plugin for WordPress is vulnerable to authentication bypass due to a missing capability check on the reset_wizard_actions function in versions 1.3.4 through 1.6.1. This makes it possible for authenticated attackers to reset the WordPress database. After which, if...

CVSS 9.9, AI score 5.8, EPSS 0.00568
Exploits: 0, References: 1

OSV
added 2021/05/05 4:15 a.m., 3 views

CVE-2020-36333

themegrill-demo-importer before 1.6.2 does not require authentication for wiping the database, because of a reset_wizard_actions hook...

CVSS 9.1, AI score 5.8, EPSS 0.03429
Exploits: 1, References: 2