3 matches found
CVE-2020-7048
The WordPress plugin, WP Database Reset through 3.1, contains a flaw that allowed any unauthenticated user to reset any table in the database to the initial WordPress set-up state deleting all site content stored in that table, as demonstrated by a wp-admin/admin-post.php?db-reset-tables=comments...
WordPress ThemeGrill Plugin Privilege Escalation (CVE-2020-7047; CVE-2020-7048)
A privilege escalation exists in WordPress ThemeGrill plugin. Successful exploitation of this vulnerability would allow a remote attacker to gain unauthorized access to the affected system...
CVE-2020-7048
The CVE describes a vulnerability in the WordPress WP Database Reset plugin (versions up to 3.1; fixed in later releases, with guidance noting upgrade to at least 3.15). Root cause: an unauthenticated user can trigger a database-table reset via the admin-post.php endpoint (db-reset-tables[] param...