According to a report, ‘ThemeGrill Demo Importer’, a popular WordPress
plugin that comes with the free as well as premium themes sold by the
software development company ThemeGrill, contains a severe vulnerability.
The flaw could allow unauthenticated remote attackers to gain administrative
privileges and wipe the entire database of targeted websites, resetting it to
its default state, after which they will also be automatically logged in as an
administrator, allowing them to take complete control of the sites.
According to the researchers, the following versions are vulnerable:
ThemeGrill Demo Importer plugin versions 1.3.4 up to 1.6.1, all released in
the last 3 years.
Please make sure that all themes and plugins, along with WordPress itself,
are up to date to avoid such issues.
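
An added example (not part of the original notice and not ThemeGrill's code): a Python check an administrator could run over a `wp-content/plugins` directory to flag installs in the version range stated above. It reads the standard WordPress plugin header fields `Plugin Name` and `Version`; the function names and the sample folder names are assumptions made for this illustration.

```python
import re
import tempfile
from pathlib import Path

# Affected range as stated in the notice: 1.3.4 up to 1.6.1 (inclusive).
VULN_MIN, VULN_MAX = (1, 3, 4), (1, 6, 1)
TARGET_NAME = "themegrill demo importer"
HEADER = re.compile(r"^[ \t/*#@]*(Plugin Name|Version):[ \t]*(.+?)[ \t]*$", re.I | re.M)

def parse_version(text):
    """Turn '1.6.1' into (1, 6, 1); missing parts count as 0."""
    nums = [int(n) for n in re.findall(r"\d+", text)[:3]]
    return tuple(nums + [0] * (3 - len(nums)))

def read_headers(php_file):
    """Read the plugin header comment from the first 8 KB of a PHP file."""
    head = php_file.read_text(encoding="utf-8", errors="replace")[:8192]
    fields = {}
    for key, value in HEADER.findall(head):
        fields.setdefault(key.lower(), value.strip())  # first occurrence wins
    return fields

def find_vulnerable(plugins_dir):
    """Return [(plugin_folder, version)] for installs inside the affected range."""
    hits = []
    for php_file in sorted(Path(plugins_dir).glob("*/*.php")):
        h = read_headers(php_file)
        if h.get("plugin name", "").lower() != TARGET_NAME or "version" not in h:
            continue
        if VULN_MIN <= parse_version(h["version"]) <= VULN_MAX:
            hits.append((php_file.parent.name, h["version"]))
    return hits

if __name__ == "__main__":
    # Constructed sample tree: folder names and versions are made up for the demo.
    with tempfile.TemporaryDirectory() as root:
        for folder, version in [("site-a-importer", "1.5.0"), ("site-b-importer", "1.6.2")]:
            d = Path(root, folder)
            d.mkdir()
            (d / "plugin.php").write_text(
                f"<?php\n/*\n * Plugin Name: ThemeGrill Demo Importer\n * Version: {version}\n */\n")
        print(find_vulnerable(root))
```

Point `find_vulnerable` at each site's plugins directory; any folder it returns should be updated or removed.
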
We at ZNetLive always encourage our customers to pursue the best
practices of security to keep their systems updated, protected and patched.
In case of any issue with your WordPress platform, please contact the
ZNetLive support team at [email protected]