{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-19T10:52:16.974","vulnerabilities":[{"cve":{"id":"CVE-2020-36837","sourceIdentifier":"security@wordfence.com","published":"2024-10-16T07:15:08.927","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"The ThemeGrill Demo Importer plugin for WordPress is vulnerable to authentication bypass due to a missing capability check on the reset_wizard_actions function in versions 1.3.4 through 1.6.1. This makes it possible for authenticated attackers to reset the WordPress database. After which, if there is a user named 'admin', the attacker will become automatically logged in as an administrator."},{"lang":"es","value":"El complemento ThemeGrill Demo Importer para WordPress es vulnerable a la omisión de autenticación debido a una verificación de capacidad faltante en la función reset_wizard_actions en las versiones 1.3.4 a 1.6.1. Esto hace posible que los atacantes autenticados restablezcan la base de datos de WordPress. Después de eso, si hay un usuario llamado 'admin', el atacante iniciará sesión automáticamente como administrador."}],"metrics":{"cvssMetricV31":[{"source":"security@wordfence.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H","baseScore":9.9,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.1,"impactScore":6.0}]},"weaknesses":[{"source":"security@wordfence.com","type":"Secondary","description":[{"lang":"en","value":"CWE-862"}]}],"references":[{"url":"https://raw.githubusercontent.com/themegrill/themegrill-demo-importer/master/CHANGELOG.txt","source":"security@wordfence.com"},{"url":"https://www.openwall.com/lists/oss-security/2020/02/19/1","source":"security@wordfence.com"},{"url":"https://www.webarxsecurity.com/critical-issue-in-themegrill-demo-importer/","source":"security@wordfence.com"},{"url":"https://www.wordfence.com/threat-intel/vulnerabilities/id/8c0dc694-854e-4f96-8c2d-7251c41a3ee9?source=cve","source":"security@wordfence.com"}]}}]}