2020-02-19

A critical bug that gives admin access to hackers was discovered in the popular WordPress theme plugin, ThemeGrill Demo Importer.

Security researchers from WebARX Security found a bug in the WordPress theme plugin ‘ThemeGrill Demo Importer’. Users who buy a ThemeGrill theme can use ‘ThemeGrill Demo Importer’ for free; it lets WordPress site admins import demo content, widgets, and settings from ThemeGrill. The vulnerable plugin has over 200,000 active installations.

The patched version must be installed

According to WebARX Security, once a ThemeGrill theme is installed and activated, the plugin allows users to wipe the entire database without checking whether the request comes from an administrator, or even from an authenticated user at all. Technically, when the plugin detects that a ThemeGrill theme is installed and activated, it loads the file /includes/class-demo-importer.php, which hooks reset_wizard_actions into admin_init on line 44.
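The following is an added example, not the ThemeGrill Demo Importer's own code. It shows the pattern the paragraph above describes, a destructive reset routine attached to `admin_init` with no authorisation check, next to a hardened version. The function names, the `example_reset` request parameter and the nonce action name are hypothetical placeholders; the WordPress API calls (`add_action`, `current_user_can`, `check_admin_referer`, `wp_nonce_url`) are real.

```php
<?php
/**
 * Added example (not the plugin's code). Illustrates why a reset action
 * hooked into admin_init must verify the caller itself: admin_init fires
 * on every request to /wp-admin/, including admin-ajax.php and
 * admin-post.php, which unauthenticated visitors can reach. All names
 * below are hypothetical placeholders.
 */

// --- Unsafe pattern ---------------------------------------------------
// Nothing here checks who is asking. Any visitor who sends the trigger
// parameter to an admin endpoint causes the reset to run.
function example_unsafe_reset_actions() {
    if ( ! empty( $_GET['example_reset'] ) ) {
        example_reset_site();
    }
}
// add_action( 'admin_init', 'example_unsafe_reset_actions' ); // do not register this

// --- Hardened pattern -------------------------------------------------
// Three independent gates: the user must be logged in, must hold a
// capability only administrators have, and must present a nonce tied to
// this specific action so the request cannot be forged from elsewhere.
function example_safe_reset_actions() {
    if ( empty( $_GET['example_reset'] ) ) {
        return;
    }
    if ( ! is_user_logged_in() || ! current_user_can( 'manage_options' ) ) {
        wp_die( esc_html__( 'Insufficient permissions.', 'example' ), 403 );
    }
    // Dies with a 403 if the nonce is missing, expired or for another action.
    check_admin_referer( 'example_reset_action', 'example_nonce' );
    example_reset_site();
}
add_action( 'admin_init', 'example_safe_reset_actions' );

// Placeholder for the destructive work. Logging before acting leaves a
// trace for incident response if a reset ever happens unexpectedly.
function example_reset_site() {
    error_log( sprintf(
        'example plugin: site reset requested by user %d',
        get_current_user_id()
    ) );
    // ... wipe and re-import demo content here ...
}

// The only legitimate way to trigger the reset: a link that carries the
// nonce generated for the current user and this action.
function example_reset_link() {
    return wp_nonce_url(
        add_query_arg( 'example_reset', '1', admin_url() ),
        'example_reset_action',
        'example_nonce'
    );
}
```

The capability check alone is not enough: `check_admin_referer` is what stops a logged-in administrator from being tricked into triggering the reset by visiting a crafted link, and the logged-in check is what keeps an anonymous request to `admin-ajax.php` from ever reaching the destructive code.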

WebARX researchers underlined that the bug in ‘ThemeGrill Demo Importer’ is a serious vulnerability that can cause a significant amount of damage. The researchers said:

“Since it requires no suspicious-looking payload, just like our previous finding in InfiniteWP, it is not expected for any firewall to block this by default and a special rule needs to be created to block this vulnerability.”

WebARX researchers reported that this issue has existed in the code for roughly 3 years, since version 1.3.4. A patched version, 1.6.2, was released on February 16 to fix this vulnerability. Users of ThemeGrill themes can get plugin updates automatically, and the WordPress Dashboard also warns users with a notification to update their plugins.