The flaw, found in the Hashthemes Demo Importer plugin, allows any authenticated user to exsanguinate a vulnerable site, deleting nearly all database content and uploaded media.
Read full article on Threat Post
WordPress Plugin Bug Lets Subscribers Wipe Sites
- Breaking down the numbers: Cybersecurity funding activity recap
- New infosec products of the week: April 26, 2024
- OpenAI’s GPT-4 Can Autonomously Exploit 87% of One-Day Vulnerabilities, Study Finds
- Threat Modeling and Understanding Inherent Threats – Adam Shostack – ESW #359
- Check Point delivers strong quarterly revenue growth but stock drops