PT-2021-12011 · Unknown · Themegrill-Demo-Importer

Dave Jong

·

Published

2021-05-05

·

Updated

2025-06-23

·

CVE-2020-36333

CVSS v3.1

9.1

Critical

VectorAV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
Name of the Vulnerable Software and Affected Versions: themegrill-demo-importer versions prior to 1.6.2
Description: The issue allows unauthorized access to wipe the database due to a lack of authentication requirement in the reset wizard actions hook.
Recommendations: For themegrill-demo-importer versions prior to 1.6.2, update to version 1.6.2 or later to resolve the issue.

Exploit

Fix

Missing Authentication

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-306

Related Identifiers

CVE-2020-36333

Affected Products

Themegrill-Demo-Importer