Severe security flaw discovered in a WP plugin: do you use WordPress?

Severe security flaw discovered in a WP plugin: do you use WordPress?

A you a WordPress user? 
 
If so, you need to be aware of a security flaw found in the Hashthemes Demo Importer plugin. This plugin is used by thousands of websites and can let authenticated attackers reset and wipe vulnerable websites. The vulnerability alert came to our attention via our security team who have already notified the developer about it (as well as other development agencies). However, there’s no word on when or if a patch will be released for this issue.  So we recommend that all users remove this plugin from their sites immediately until further notice.
 
The plugin has over 100,000 active installs on the official WordPress plugin directory alone. We’re not sure how many people are using this plugin outside of that platform but if you use it at all, we recommend disabling it immediately until the issue is resolved.
 
Our team and others say that this particular exploit could allow an attacker to gain full access to your site including deleting everything from files to databases and even installing malware or ransomware without any trace left behind after they do so! 
 
The plugin in question is designed to help admins import demos for WordPress themes with a single click. 
 
We know how important your website is to you, which is why we want to make sure that your site stays safe at all times. That’s why our team has created an easy-to-use platform where anyone can keep their own website secure without having any coding knowledge whatsoever. Our platform comes with everything you could ever need including direct access to a dedicated WordPress developer, cloud hosting with uptime monitoring, 24/7 support, SEO reports, and much more! 
 

Categories

Website Support as a Service

Do you want to focus on your business instead of worrying about maintaining the company website?

With website support as a service, you don't have to worry about any issues because they're handled by professionals who are trained in web development and design best practices. Let us handle all updates so that when something goes wrong - which won't happen - but if it does - then rest assured knowing that our team will be there for you every step of the way until things go back online again! It's easy and affordable too!

Signup for free to get started! →

Testimonials

Marci Broderick

Web Marketing Specialist
www.apexlearning.com

I work primarily with Eduard. He is awesome! I know I can rely on him, he is fast and very good.

Nicole Pecaro

Creative Manager for Captivate
www.captivate.com

CodeBru is extremely reliable. I am able to sleep at night knowing the websites we created are in good hands!

Jesse Johnson

Marketing Specialist for Meeting Tomorrow
www.meetingtomorrow.com

CodeBru always impresses me with how quickly they respond to our coding and web design requests. I honestly have no clue how they work so fast!

OUR PROCESS

Research & Discovery

Every project we undertake is unique. To offer the best possible solutions for our valued clients, we take the time to discuss their goals and expectations of their project. After this consultation, we assess their existing web presence to map out a plan of action to meet - or exceed - these goals!

UX Strategy & Design

Using the findings from our Project Assessment, our team of designers and developers collaborate to create a customized end product. Our team upholds the highest standards throughout the entire Implementation and Deployment process and optimizes your digital asset for success!

Engineering

Our team of developers and designers are savvy and versed in multiple platforms and programming language. If you’re able to dream it, we’re able to build it! Our custom solutions are built to suit, using the platform that is best suited for our clients specific needs.

The Team

Zach Caudill

Founder

Zach has been working in the web industry since 2004. He has worked full-time for large companies, startups, small businesses and as a contractor for other web agencies. Zach started CodeBru in 2015 as a system engineer. Now in charge of full-service solutions, Zach leads development efforts and oversees project management.

Sara Jones

Account Support

Sara joined CodeBru in 2015 to provide full service account support and management for our clients. She is the liaison between you and the rest of the team. With superb communication and organizational skills, Sara makes sure everyone is on the same page at all times and maintains lasting relationships.

Ron Sarache

Designer

Ron has been working with Codebru since 2016 providing full time graphic design service. Bringing creativity and imagination to the team, Ron loves design challenges and creating new things that amazes the clients. He can design almost anything your imagination comes up with and would love to put your project into a real image.

Rafael Margaryan

Front-end developer

Rafael started learning JavaScript and web development when was 20. In front-end development, he works with JS and CSS frameworks but also has a great understanding of back-end technologies.

Eduard Faber

System Engineer

Eduard received his Bachelor of Standardization, Metrology and Certification in 2005, but started learning PHP and site development when was 16. He specializes in hosting and network security and is responsible for database, API and server build.

Xionary Guerrero

Project Manager

Xionary is the latest addition to the design team. She assists and supports the design team in all communicative tasks. She is the link between the client's idea and the product that the designer delivers. Organization is her motto.

Nicolas Rostov

App Developer

Nicolas started making iOS apps in 2009 and since then he has completed several projects where he developed apps from scratch, improved existing code, and automated business processes with mobile tech. He specializes in converting your vision and its requirements into working code, and to resolve issues in business automation and UX.

Ryan Cybul

Junior Developer

Ryan received his Full Stack Web Development certificate from Northwestern University in 2018. He has a general knowledge both front-end and back-end development and specializes in JS frameworks.

From The Blog

  A slow website means a bad user experience, a high bounce rate, and SEO penalties...
  Building a website is hard, and making sure it performs well can be even harder. ...
  Migrating from Drupal 7 to Drupal 8/9 Drupal 7 was released in 2011, and since then it has...

Our clients

Awards

top app development company Seattle

top web development company USA

Top Mobile App Developers

Top Web Designers in Illinois