WordPress Plugin 'ThemeGrill Demo Importer' 1.3.4 < 1.6.3 Database Wipe and Auth Bypass

high Nessus Plugin ID 133856

Synopsis

The remote WordPress application has an outdated plugin installed that contains a database wipe and auth bypass vulnerability.

Description

The WordPress application running on the remote host has the 'ThemeGrill Demo Importer' plugin that is 1.3.4 or later, but prior to 1.6.3. It is, therefore, vulnerable to an missing authentication check that allows an unauthenticated user to wipe the entire database to its default state and then automatically be logged in as an administrator.

Solution

Update to ThemeGrill Demo Importer Plugin 1.6.3 or later or remove the plugin through the administrative dashboard.

See Also

http://www.nessus.org/u?55397bff

Plugin Details

Severity: High

ID: 133856

File Name: wordpress_plugin_themegrill-demo-importer_1_6_3.nasl

Version: 1.1

Type: remote

Family: CGI abuses

Published: 2/21/2020

Updated: 2/21/2020

Supported Sensors: Nessus

Risk Information

CVSS Score Rationale: Based on analysis of the vulnerability.

CVSS v2

Risk Factor: High

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS Score Source: manual

CVSS v3

Risk Factor: High

Base Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Vulnerability Information

CPE: cpe:/a:wordpress:wordpress

Required KB Items: installed_sw/WordPress, www/PHP

Patch Publication Date: 2/16/2020

Vulnerability Publication Date: 2/16/2020