
Bug WordPress plugin poses risk to 200,000 websites


A bug in a WordPress plugin has caused 200,000 websites to be hacked. The hackers gained access to the administrator accounts, after which they were able to wipe the affected websites completely. WordPress websites are often put at risk by their plugins.

Bug with WordPress plugin poses risks

A bug in a WordPress plugin allows hackers to completely delete up to two hundred thousand sites. In addition, hackers can gain access to the administrator account of those websites via this bug. The vulnerability is in the plugin ‘ThemeGrill Demo Importer’. This plugin comes with themes sold by ThemeGrill, a web development company that sells WordPress themes. The plugin was created to let users import ThemeGrill demo content: with these demos they have ready-made examples at hand and can start building a WordPress website.

Owners of WordPress websites that use themes from ThemeGrill would do well to fix the bug in this particular plugin, so that hackers can no longer get in through it.

Security company WebARX

WordPress security company WebARX indicates in a report that older versions of ThemeGrill Demo Importer are vulnerable to external attacks. The vulnerability affects all versions of ThemeGrill Demo Importer between 1.3.4 and 1.6.1. Hackers work by sending a specially crafted request to vulnerable sites, which triggers a function in this particular plugin. This allows them to empty the content of a website and thus effectively delete the entire site.

If the database contains a user with the username ‘admin’, the attacker is also granted all of that user's rights. ThemeGrill fixed this bug and shipped the fix in version 1.6.2. With this version it is once again safe to use the plugin, and hackers can no longer get in through it.
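The flaw described above belongs to a well-known class: a plugin registers a destructive action on a hook that fires for every request to the admin area and then trusts a request parameter without checking who sent it. The snippet below is an added illustration, not ThemeGrill's code; the hook, function and parameter names (`demo_reset`, `demo_importer_wipe_site`, etc.) are hypothetical. It shows the vulnerable shape beside the hardened shape a plugin developer should use, and doubles as a checklist for reviewing any plugin that offers a "reset" or "import" feature.

```php
<?php
// Added example, not the plugin's own code. Names are hypothetical.

// Destructive helper: what a demo importer's "reset" actually does.
function demo_importer_wipe_site() {
    $posts = get_posts( array(
        'post_type'   => 'any',
        'post_status' => 'any',
        'numberposts' => -1,
    ) );
    foreach ( $posts as $post ) {
        wp_delete_post( $post->ID, true ); // bypass trash, delete permanently
    }
}

// --- Vulnerable pattern -------------------------------------------------
// admin_init fires on every request that loads wp-admin, including
// admin-ajax.php requests from visitors who are not logged in at all.
// Only a request parameter gates the reset: no capability check, no nonce.
add_action( 'admin_init', 'demo_importer_reset_vulnerable' );
function demo_importer_reset_vulnerable() {
    if ( empty( $_GET['demo_reset'] ) ) {
        return;
    }
    demo_importer_wipe_site();
}

// --- Hardened pattern ---------------------------------------------------
// admin_post_{action} only runs for authenticated users (the _nopriv_
// variant is the one that serves logged-out visitors, and is not registered).
// On top of that: require the manage_options capability, a nonce bound to
// the current user's session, and a POST request so a plain link or image
// tag cannot trigger it.
add_action( 'admin_post_demo_reset', 'demo_importer_reset_hardened' );
function demo_importer_reset_hardened() {
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( 'Insufficient permissions.', 403 );
    }
    if ( 'POST' !== $_SERVER['REQUEST_METHOD'] ) {
        wp_die( 'Method not allowed.', 405 );
    }
    check_admin_referer( 'demo_importer_reset' ); // dies on a bad/missing nonce

    demo_importer_wipe_site();

    wp_safe_redirect( admin_url( 'themes.php?demo_reset=done' ) );
    exit;
}

// The matching admin-page form that the hardened handler expects.
function demo_importer_render_reset_form() {
    ?>
    <form method="post" action="<?php echo esc_url( admin_url( 'admin-post.php' ) ); ?>">
        <input type="hidden" name="action" value="demo_reset">
        <?php wp_nonce_field( 'demo_importer_reset' ); ?>
        <?php submit_button( 'Reset demo content', 'delete' ); ?>
    </form>
    <?php
}
```

When auditing an installed plugin, grep for `add_action( 'admin_init'` and `admin_post_nopriv_` / `wp_ajax_nopriv_` handlers and confirm that anything which writes to or deletes from the database behind them performs a `current_user_can()` check and verifies a nonce. Combined with keeping the plugin at or above the fixed release, that covers both the remediation and the root cause of this class of bug.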

Hackers clear databases from websites

This is the second time this year that a bug has been disclosed in a WordPress plugin that allows hackers to wipe the databases of websites. Wordfence previously disclosed a similar issue, affecting more than eighty thousand websites on which the relevant plugin was installed.

Other WordPress plugin bugs announced earlier were in the plugin Code fragments (used by two hundred thousand websites), the GDPR Cookie Consent plugin (used by seven hundred thousand websites) and the InfiniteWP plugin (used by more than three hundred thousand websites).

WordPress Dangers
– Outdated WordPress websites are susceptible to hacks, for example.

Need help with security?

It is important for your website that it stays up to date. If you forget to update, hackers can enter your website via the outdated plugin or theme. You can read about more dangers to your website here in our blog. Do you want to be sure that you are protected? Take a look at our WordPress Security service.

Contact us

Have you been hacked or are you having problems with your website? Contact us via our number 030 20 72 488 or open our live chat. Together we will see what we can do for you!
