The ThemeGrill Demo Importer plugin for WordPress is vulnerable to authentication bypass due to a missing capability check on the reset_wizard_actions function in versions 1.3.4 through 1.6.1. This makes it possible for authenticated attackers to reset the WordPress database. After the reset, if a user named 'admin' exists, the attacker is automatically logged in as an administrator.
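For plugin authors and reviewers, the guard that a destructive admin handler of this kind needs looks like the following. This is an added example, not the plugin's own code or its actual patch: the handler name, query parameter, nonce action and the admin_init hook are assumptions made for illustration.

```php
<?php
/**
 * Illustrative hardening of a destructive admin action.
 * Not ThemeGrill's code: example_* names, the query parameter and the
 * nonce action are hypothetical; the admin_init hook is an assumption.
 */

// admin_init fires on every wp-admin request, regardless of the requester's
// role, so being hooked here says nothing about who is allowed to act.
add_action( 'admin_init', 'example_reset_wizard_actions' );

function example_reset_wizard_actions() {
	// Do nothing unless a reset was explicitly requested.
	if ( empty( $_GET['example_do_reset'] ) ) {
		return;
	}

	// 1. Capability check: the kind of check the advisory reports as missing.
	//    Only roles that can manage site options may trigger a reset.
	if ( ! current_user_can( 'manage_options' ) ) {
		wp_die(
			esc_html__( 'You are not allowed to reset this site.', 'example' ),
			'',
			array( 'response' => 403 )
		);
	}

	// 2. Nonce check: the request must come from a link or form rendered
	//    for this user, which blocks cross-site request forgery.
	//    check_admin_referer() terminates the request when the nonce is invalid.
	check_admin_referer( 'example_reset_wizard' );

	// 3. Both checks passed: the plugin's reset routine would run here
	//    (deliberately omitted from this example).
}

// When rendering the reset link, attach the matching nonce.
function example_reset_url() {
	return wp_nonce_url(
		add_query_arg( 'example_do_reset', '1', admin_url() ),
		'example_reset_wizard'
	);
}
```

When auditing a plugin, any function hooked on admin_init, admin_post_* or wp_ajax_* that changes state should show both checks before its first write.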
