CVE-2020-36837

The ThemeGrill Demo Importer plugin for WordPress is vulnerable to authentication bypass due to a missing capability check on the resetwizardactions function in versions 1.3.4 through 1.6.1. This makes it possible for authenticated attackers to reset the WordPress database. After which, if there ...

CVE-2020-36837 ThemeGrill Demo Importer 1.3.4 - 1.6.1 - Authorization Bypass to Site Reset

The ThemeGrill Demo Importer plugin for WordPress is vulnerable to authentication bypass due to a missing capability check on the resetwizardactions function in versions 1.3.4 through 1.6.1. This makes it possible for authenticated attackers to reset the WordPress database. After which, if there ...

VulnCheck KEV: CVE-2020-36837

The ThemeGrill Demo Importer plugin for WordPress is vulnerable to authentication bypass due to a missing capability check on the resetwizardactions function in versions 1.3.4 through 1.6.1. This makes it possible for authenticated attackers to reset the WordPress database. After which, if...

CVE-2020-36333

themegrill-demo-importer before 1.6.2 does not require authentication for wiping the database, because of a resetwizardactions hook...

VulnCheck KEV: CVE-2020-36333

themegrill-demo-importer before 1.6.2 does not require authentication for wiping the database, because of a resetwizardactions hook...