82 matches found
ThemeGrill Demo Importer < 1.6.3 - Auth Bypass & Database Wipe
There is a vulnerability that allows any unauthenticated user to wipe the entire database to its default state after which they are automatically logged in as an administrator. Edit WPScanTeam: v1.6.2 was released with an insufficient fix, allowing attackers to still exploit the issue using a CSR...
ThemeGrill Demo Importer < 1.6.3 - Auth Bypass & Database Wipe
There is a vulnerability that allows any unauthenticated user to wipe the entire database to its default state after which they are automatically logged in as an administrator. Edit WPScanTeam: v1.6.2 was released with an insufficient fix, allowing attackers to still exploit the issue using a CSR...