CVE-2021-39333
Hashthemes Demo Importer <= 1.1.1 Improper Access Control Allowing Content Deletion
The Hashthemes Demo Importer Plugin <= 1.1.1 for WordPress contained several AJAX functions which relied on a nonce which was visible to all logged-in users for access control, allowing them to execute a function that truncated nearly all database tables and removed the contents of wp-content/uploads.
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Produtos afetados
Hashthemes · Hashthemes Demo ImporterQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →