We would like to announce an important security update on our ThemeGrill Demo Importer plugin. We request you to update this plugin to latest version 1.6.3 immediately.
What is the security issue?
We were reported by WebARX team about this security vulnerability. Once we got the exact message explaining the issue, we immediately released the update version 1.6.2 on the weekend time on Feb 16. We again released another update version 1.6.3 on Feb 18 with some more security enhancements.
How to tackle it, if your site was affected?
This issue causes the wipe-down of your site as a fresh install if attacked by potential hackers. The best way to approach this issue is: Please contact your hosting service provider and ask them to restore your site to last working backup they have (usually before of Feb 16 if the last backup did not work for you). Once you do this, please delete the ThemeGrill Demo Importer plugin if you are not using it. If you need to use it, please make sure you are using the latest version of the plugin 1.6.3.
For those who’s site are not affected, Immediate Action is required.
If the role of ThemeGrill Demo Importer which is to import demo to setup the site is fulfilled, then just delete it. If you need it, please make sure you are using the latest version 1.6.3 or above.
We at ThemeGrill take security very seriously. Having said that, security is a continuous process. There will be cases when a situation like this arise, but we should fight together against these security vulnerabilities. We try our best to avoid these situations but cannot assume that they will not occur. We remain calm and perform the necessary actions to avoid further damage to more site users. We are doing everything in our power to make sure all the sites with this plugin are updated to latest version as soon as possible.
We would like to apologize for the inconvenience caused. Have you any query, please use this contact page to communicate and we will get back to you. Thanks.