The flaw, found in the Hashthemes Demo Importer plugin, allows any authenticated user to exsanguinate a vulnerable WordPress site, deleting nearly all database content and uploaded media.
Source: Threadpost
WordPress Plugin Bug Lets Subscribers Wipe Sites
- Advertisement -
APLICATIONS
Gentle Reminder at RSA: Hacking Back is a Bad Idea
A panel at RSA Conference on appropriate responses to state-sponsored espionage of intellectual property for economic gain served as a reminder of the dangers...
