38 matches found
ThemeGrill Demo Importer < 1.6.2 - Database Reset
ThemeGrill Demo Importer before 1.6.2 does not require authentication for wiping the database due to a resetwizardactions hook. In versions 1.3.4 and above and versions 1.6.1 and below, there is a vulnerability that allows any unauthenticated user to wipe the entire database to its default state...
CVE-2026-40730
Missing Authorization vulnerability in ThemeGrill ThemeGrill Demo Importer themegrill-demo-importer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ThemeGrill Demo Importer: from n/a through = 2.0.0.6...
CVE-2026-40730
Missing Authorization vulnerability in ThemeGrill ThemeGrill Demo Importer themegrill-demo-importer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ThemeGrill Demo Importer: from n/a through = 2.0.0.6...
CVE-2026-40730
CVE-2026-40730 describes a missing authorization flaw in the WordPress ThemeGrill Demo Importer plugin that enables access-control misconfigurations (affected: ThemeGrill Demo Importer up to and including 2.0.0.6). Connected sources confirm the issue, with the PT-2026-33041 advisory identifying v...
CVE-2026-40730
Missing Authorization vulnerability in ThemeGrill ThemeGrill Demo Importer themegrill-demo-importer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ThemeGrill Demo Importer: from n/a through = 2.0.0.6...
CVE-2026-40730 WordPress ThemeGrill Demo Importer plugin <= 2.0.0.6 - Broken Access Control vulnerability
Missing Authorization vulnerability in ThemeGrill ThemeGrill Demo Importer themegrill-demo-importer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ThemeGrill Demo Importer: from n/a through = 2.0.0.6...
WordPress plugin ThemeGrill Demo Importer 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
PT-2026-33041
Name of the Vulnerable Software and Affected Versions ThemeGrill Demo Importer versions prior to 2.0.0.7 Description ThemeGrill Demo Importer contains a missing authorization flaw that allows the exploitation of incorrectly configured access control security levels. Recommendations Update to a...
EUVD-2020-23871
Malware in sbrugna...
EUVD-2020-30789
Malware in sbrugna...
EUVD-2025-25268
Malicious code in bioql PyPI...
CVE-2025-9202
The ColorMag theme for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the welcomenoticeimporthandler function in all versions up to, and including, 4.0.19. This makes it possible for authenticated attackers, with Subscriber-level access and above...
CVE-2020-36334
themegrill-demo-importer before 1.6.3 allows CSRF, as demonstrated by wiping the database...
CVE-2020-36333
themegrill-demo-importer before 1.6.2 does not require authentication for wiping the database, because of a resetwizardactions hook...
CVE-2020-36837
The ThemeGrill Demo Importer plugin for WordPress is vulnerable to authentication bypass due to a missing capability check on the resetwizardactions function in versions 1.3.4 through 1.6.1. This makes it possible for authenticated attackers to reset the WordPress database. After which, if there ...
CVE-2020-36837 ThemeGrill Demo Importer 1.3.4 - 1.6.1 - Authorization Bypass to Site Reset
The ThemeGrill Demo Importer plugin for WordPress is vulnerable to authentication bypass due to a missing capability check on the resetwizardactions function in versions 1.3.4 through 1.6.1. This makes it possible for authenticated attackers to reset the WordPress database. After which, if there ...
CVE-2020-36837 ThemeGrill Demo Importer 1.3.4 - 1.6.1 - Authorization Bypass to Site Reset
The ThemeGrill Demo Importer plugin for WordPress is vulnerable to authentication bypass due to a missing capability check on the resetwizardactions function in versions 1.3.4 through 1.6.1. This makes it possible for authenticated attackers to reset the WordPress database. After which, if there ...
WordPress plugin ThemeGrill Demo Importer 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...
VulnCheck KEV: CVE-2020-36837
The ThemeGrill Demo Importer plugin for WordPress is vulnerable to authentication bypass due to a missing capability check on the resetwizardactions function in versions 1.3.4 through 1.6.1. This makes it possible for authenticated attackers to reset the WordPress database. After which, if...
CVE-2020-36333
themegrill-demo-importer before 1.6.2 does not require authentication for wiping the database, because of a resetwizardactions hook...