WordPress Plugin Bug Lets Subscribers Wipe Sites
The flaw, found in the Hashthemes Demo Importer plugin, allows any authenticated user to exsanguinate a vulnerable WordPress site, deleting nearly all database content and uploaded media.
The flaw, found in the Hashthemes Demo Importer plugin, allows any authenticated user to exsanguinate a vulnerable WordPress site, deleting nearly all database content and uploaded media.