Hackers are exploiting a critical flaw affecting >350,000 WordPress sites

Hackers are actively exploiting a vulnerability that allows them to execute commands and malicious scripts on Websites running File Manager, a WordPress plugin with more than 700,000 active installations, researchers said on Tuesday. Word of the attacks came a few hours after the security flaw was patched.

Attackers are using the exploit to upload files that contain webshells that are hidden in an image. From there, they have a convenient interface that allows them to run commands in plugins/wp-file-manager/lib/files/, the directory where…


More Info

About mblog.my

Check Also

First Look at Twenty Twenty-One, WordPress’s Upcoming Default Theme – WordPress Tavern

Fashion is ephemeral. Art is eternal. Indeed what is a fashion really? A fashion is …

Leave a Reply

Your email address will not be published. Required fields are marked *