Active Exploits Hit Vulnerable WordPress ThemeGrill Plugin

2020-02-18 17:27

Researchers are urging users of a vulnerable WordPress plugin, ThemeGrill Demo Importer, to update as soon as possible after discovering attackers are actively exploiting a flaw in the plugin.

This WordPress plugin helps users import and manage ThemeGrill templates on their sites.

According to the WordPress plugin repository, versions 1.4, 1.5 and 1.6 make up 98.6 percent of active versions of the plugin.

There's currently a severe vuln in a wordpress plugin called "Themegrill demo importer" that resetss the whole database.

Last week popular WordPress plugin GDPR Cookie Consent, issued fixes for a critical flaw, that if exploited, could enable attackers to modify content or inject malicious JavaScript code into victim websites.

News URL

https://threatpost.com/active-exploits-hit-vulnerable-wordpress-themegrill-plugin/152947/

#exploit #wordpress

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Wordpress		49	36	409	104	29	578
Plugin		2	0	13	0	0	13