Theme Grill Security Patch Addon





Better! ThemeGrill Security Patch Extension

“All websites using any of the popular ThemeGrill extensions may still be vulnerable even after the patched versions of the extensions have been installed. Our extension provides a better security update that makes the vulnerable website secure, and it also displays logs of all login attempts so that the admin can take actions like IP blocking.”

Overview of Better! ThemeGrill Security Patch Extension.
Hundreds of thousands of websites have been compromised and the numbers continue to rise because of a common vulnerability found in all ThemeGrill themes and extensions. ThemeGrill has released immediate patches and updates to all its products but they have not been able to completely stop the exploitation and takeover of websites that use their themes or extensions.

We received help requests for several cases where fully patched websites were still vulnerable, and we had to come up with a better security patch. We advise all website owners using the theme to install Better! ThemeGrill Security Patch Extension for versions 1.3.4 to 1.6.1 of the ThemeGrill demo importer plugin (the most common versions) for better security.

Why Better! ThemeGrill Security Patch Extension?
If you have a live website with customizations, it's very likely that updating the extension will cause some issues. This extension provides better security than updating the extension while lowering the risk of something else breaking on the website. Sites running any version from 1.3.4 to 1.6.1 are advised to install this extension.

Better security means that we take additional measures to ensure that hackers can't use any NEW VULNERABILITY in ThemeGrill to take over your website.

The extension provides the site administrator with a log of all illegal login attempts so that they can block the IP of the user if need be.

How does Better! ThemeGrill Security Patch Extension Work?
The extension helps to fight attacks that come in the form of a skillfully constructed payload, sent by hackers to unsecured sites, which reaches and activates a function inside the plugin. With the Progos ThemeGrill security extension, you’ll be able to block any hacker from accessing full admin rights on your site.

Technical Explanation:
When the plugin detects that a ThemeGrill theme is installed and activated, it automatically loads the file “/includes/class-demo-importer.php”, which in turn registers a callback on the “admin_init” hook on line 44. The “admin_init” hook runs in the admin environment and also fires for requests to “/wp-admin/admin-ajax.php”, which does not require an authenticated user.
This lack of authentication is what makes exploitation possible. An unauthenticated attacker can use it to drop all the WordPress tables that start with the defined database prefix and to get logged in if the “admin” user exists in the database.
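
The missing check described above, shown as an unguarded “admin_init” callback beside a hardened one. This is an added example, not code from ThemeGrill or from this extension; the function names, the `example_reset` parameter and the `example_demo_settings` option are hypothetical.

```php
<?php
// Added example: hypothetical plugin code, not ThemeGrill's or this extension's.
// Names prefixed "example_" (functions, request parameter, option) are made up.
defined( 'ABSPATH' ) || exit;

// BEFORE: "admin_init" also fires for /wp-admin/admin-ajax.php, which serves
// visitors who are not logged in, so this privileged action is open to anyone.
function example_reset_unguarded() {
	if ( ! empty( $_GET['example_reset'] ) ) {
		delete_option( 'example_demo_settings' );
	}
}

// AFTER: same trigger, but the caller must be a logged-in administrator who
// sent a valid nonce. Refused attempts are logged with the client IP.
function example_reset_guarded() {
	if ( empty( $_GET['example_reset'] ) ) {
		return;
	}
	if ( ! is_user_logged_in() || ! current_user_can( 'manage_options' ) ) {
		$ip = isset( $_SERVER['REMOTE_ADDR'] )
			? sanitize_text_field( wp_unslash( $_SERVER['REMOTE_ADDR'] ) )
			: 'unknown';
		error_log( 'example-plugin: refused reset request from ' . $ip );
		wp_die( 'Forbidden', '', array( 'response' => 403 ) );
	}
	// Dies with an error unless ?_wpnonce=... was issued for this action,
	// e.g. by wp_nonce_url( $url, 'example_reset' ) on an admin screen.
	check_admin_referer( 'example_reset' );
	delete_option( 'example_demo_settings' );
}
add_action( 'admin_init', 'example_reset_guarded' );
```

The capability check stops anonymous and low-privilege callers; the nonce check additionally stops a logged-in administrator's browser from being tricked into sending the request.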

How to Install Better! ThemeGrill Security Patch Extension.

  • You can install the plugin either through the plugin directory or by simply uploading the files to your server.

What is ‘Passphrase Security’ and why is it required?
A passphrase is a sentence-like series of words used for authentication, which is harder to guess or crack than a basic traditional password. A passphrase can reach up to 100-150 characters in length.

Keep in mind that plugin changelogs are usually monitored by hackers to detect security bug fixes and to compare different versions in order to see what’s fixed and what isn’t. This allows attackers to act before users are able to update the plugin, so updating plugins as fast as possible is key. Note that no firewall should be expected to block this threat by default, so a special rule needs to be created to block this vulnerability and let WordPress users continue safely.

5 reviews for Theme Grill Security Patch Addon

  1. Kiera

    Amazing!! The issue is fixed.

  2. Marcelle

    Awesome Plugin. Highly Recommended!

  3. Lisa

    Waaooo!!! Excellent Plugin, Robust Solution. Thank You!

  4. Rahul

    OMG!!! Finally, it's fixed. Thanks Progos ;o

  5. Mikel

    Does exactly what it says, works great.
