← Back

Themegrill Demo Importer

themegrill_demo_importer

Vendor: Themegrill • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2020-36334
1Themegrill
1Themegrill Demo Importer
Nov 21, 2024
May 5, 2021
N/A· v4
8.8 HIGH· v3
6.8 MEDIUM· v2
themegrill-demo-importer before 1.6.3 allows CSRF, as demonstrated by wiping the database.
CVE-2020-36333
1Themegrill
1Themegrill Demo Importer
Nov 21, 2024
May 5, 2021
N/A· v4
9.1 CRITICAL· v3
6.4 MEDIUM· v2
themegrill-demo-importer before 1.6.2 does not require authentication for wiping the database, because of a reset_wizard_actions hook.