Critical bug in WordPress plugin could allow hackers to wipe entire sites

The vulnerability was found in the ThemeGrill Demo Importer plugin that ships with WordPress themes sold by the web development company ThemeGrill.