WordPress Plugin 'ThemeGrill Demo Importer' 1.3.4 < 1.6.3 Database Wipe and Auth Bypass

High Nessus Plugin ID 133856

Synopsis

The remote WordPress application has an outdated plugin installed that contains a database wipe and auth bypass vulnerability.

Description

The WordPress application running on the remote host has the 'ThemeGrill Demo Importer' plugin that is 1.3.4 or later, but prior to 1.6.3. It is, therefore, vulnerable to an missing authentication check that allows an unauthenticated user to wipe the entire database to its default state and then automatically be logged in as an administrator.

Solution

Update to ThemeGrill Demo Importer Plugin 1.6.3 or later or remove the plugin through the administrative dashboard.

See Also

http://www.nessus.org/u?55397bff

Plugin Details

Severity: High

ID: 133856

File Name: wordpress_plugin_themegrill-demo-importer_1_6_3.nasl

Version: 1.1

Type: remote

Family: CGI abuses

Published: 2020/02/21

Updated: 2020/02/21

Dependencies: 101842

Risk Information

Risk Factor: High

CVSS Score Source: manual

CVSS Score Rationale: Based on analysis of the vulnerability.

CVSS v2.0

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS v3.0

Base Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Vulnerability Information

CPE: cpe:/a:wordpress:wordpress

Required KB Items: installed_sw/WordPress, www/PHP

Patch Publication Date: 2020/02/16

Vulnerability Publication Date: 2020/02/16