3 matches found
CVE-2020-36837
The ThemeGrill Demo Importer plugin for WordPress is vulnerable to authentication bypass due to a missing capability check on the resetwizardactions function in versions 1.3.4 through 1.6.1. This makes it possible for authenticated attackers to reset the WordPress database. After which, if there ...
CVE-2020-36837
The ThemeGrill Demo Importer plugin for WordPress has a vulnerability (CVE-2020-36837) in versions 1.3.4–1.6.1 where a missing capability check in the reset_wizard_actions function allows authentication bypass. If an attacker is authenticated, they can reset the WordPress database, and if there i...
CVE-2020-36837 ThemeGrill Demo Importer 1.3.4 - 1.6.1 - Authorization Bypass to Site Reset
The ThemeGrill Demo Importer plugin for WordPress is vulnerable to authentication bypass due to a missing capability check on the resetwizardactions function in versions 1.3.4 through 1.6.1. This makes it possible for authenticated attackers to reset the WordPress database. After which, if there ...