Critical Vulnerability in File Manager Plugin Affecting 700k WordPress Websites

[ad_1]

Security Risk: High

Exploitation Level: Easy

DREAD Score: 9.8

Vulnerability: File upload

Patched Version: 6.9

Yesterday, the WordPress plugin File Manager was updated, fixing a critical vulnerability allowing any website visitor to gain complete access to the website.

Users of our WAF were never vulnerable to this exploit. The Sucuri firewall blocks malicious payloads by default using our generic exploitation rules.

Technical Details

The vulnerability originated from the remains of a development environment on version 6.4 nearly 4 months ago, where a file was renamed to test certain features. The…

[ad_2]
More Info

About mblog.my

Check Also

Adding Images From Your Phone With Ease – WordPress.com News

Adding Images From Your Phone With Ease – WordPress.com News

[ad_1] We’re excited to share a new feature in the desktop editor and Jetpack mobile …

Leave a Reply

Your email address will not be published. Required fields are marked *