WebARX reported a vulnerability in a WordPress plugin. The vulnerability was discovered in ThemeGrill Demo Importer, a plugin that offers demo options for themes, widgets, and other features that help customize websites. The vulnerability puts nearly 100,000 WordPress sites at risk. It can be exploited when the plugin is activated from ThemeGrill, allowing attackers to gain full administrator privileges and even wipe the entire website database to a default state. ThemeGrill has since patched the vulnerability and released versions 1.6.2 and 1.6.3.
There are 5 steps that organizations can take to ensure that their websites are safe:
- Remove all vulnerable plugins immediately
- Regularly audit currently-installed plugins to disable outdated ones
- Deploy the latest updates and patches for both CMS and plugins
- Adhere to the principle of least privilege
- Establish secure authentication processes
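The plugin audit from the steps above can be automated. The following is an added example, not code from WebARX, ThemeGrill or Trend Micro: it reads the `Version:` header of an installed plugin and flags copies older than a minimum safe version. It assumes the plugin lives in a directory named after its wordpress.org slug, `themegrill-demo-importer`, and treats anything below 1.6.3 (the later of the two releases named above) as needing an update.

```python
import re
import tempfile
from pathlib import Path

# Assumption: 1.6.3, the later of the two fixed releases the article names,
# is the minimum acceptable version. Keys are plugin directory names (slugs).
MIN_SAFE = {"themegrill-demo-importer": "1.6.3"}

# Matches a "Version:" header line inside a PHP comment block.
HEADER_RE = re.compile(r"^[ \t/*#@]*Version:\s*(\S+)", re.MULTILINE | re.IGNORECASE)

def parse_version(text):
    """Turn '1.6.1' into (1, 6, 1) so that 1.10.0 sorts above 1.6.3."""
    return tuple(int(p) for p in re.findall(r"\d+", text))

def plugin_version(plugin_dir):
    """Return the Version header of the plugin's main PHP file, or None."""
    for php in sorted(plugin_dir.glob("*.php")):
        head = php.read_text(errors="replace")[:8192]  # headers sit at the top
        match = HEADER_RE.search(head)
        if match and re.search(r"Plugin Name:", head, re.IGNORECASE):
            return match.group(1)
    return None

def audit(plugins_root):
    """Return [(slug, installed, minimum)] for plugins below the safe version."""
    findings = []
    for slug, minimum in MIN_SAFE.items():
        plugin_dir = Path(plugins_root) / slug
        if not plugin_dir.is_dir():
            continue  # plugin not installed
        installed = plugin_version(plugin_dir)
        # An unreadable version is reported too: it cannot be shown to be safe.
        if installed is None or parse_version(installed) < parse_version(minimum):
            findings.append((slug, installed, minimum))
    return findings

def demo(version):
    """Audit a constructed plugins directory holding one sample plugin file."""
    with tempfile.TemporaryDirectory() as root:
        plugin_dir = Path(root) / "themegrill-demo-importer"
        plugin_dir.mkdir()
        (plugin_dir / "themegrill-demo-importer.php").write_text(
            "<?php\n/**\n * Plugin Name: ThemeGrill Demo Importer\n"
            f" * Version: {version}\n */\n")
        return audit(root)

if __name__ == "__main__":
    for sample in ("1.6.1", "1.6.3", "1.10.0"):
        print(sample, demo(sample))
```

On a real site, call `audit()` with the path to `wp-content/plugins` and extend `MIN_SAFE` with other plugins you track.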
Trend Micro Web Security helps customers to protect themselves from internet threats.
Lucrodyne is a proud partner of Trend Micro. We have the skills and expertise to manage, protect, and optimize your business in the Cloud. Please contact our certified specialists today to discuss your cloud journey.
Read this article to learn more about the plugin vulnerability found in WordPress and how businesses can help protect themselves from internet threats.