Friday, January 22, 03:55

Bug in File Manager plugin exposes 300.000+ WordPress sites to hackers!

Hackers are exploiting a critical remote code execution bug in the WordPress File Manager plugin to upload scripts and execute arbitrary code on WordPress sites that run vulnerable versions of the plugin. The File Manager plugin, which lets users manage files directly from the WordPress dashboard, is installed on more than 700.000 WordPress sites.

The bug was discovered by Gonzalo Cruz, a researcher at Arsys, who confirmed that hackers had already started exploiting it to upload malicious PHP files to vulnerable sites. The bug affects all versions of the popular plugin from 6.0 through 6.8. The plugin's developers fixed it immediately with the release of version 6.9.


Cruz briefed the WordPress security company Wordfence, which confirmed the attacks; its Web Application Firewall has already blocked over 450.000 exploitation attempts in recent days.

Specifically, Wordfence stated that its firewall has blocked more than 450.000 attempts to exploit this bug in recent days, noting that the attackers try to upload files whose names mostly begin with the word "Hard" or "x". The firewall data on the attack show that the intruders may be probing for the bug with empty files, but may also attempt to upload malicious files. Some of the uploaded file names are:

  • hardfork.php
  • hardfind.php
  • x.php

Wordfence experts confirm that hackers are trying to upload PHP files by hiding webshells inside images placed in the wp-content/plugins/wp-file-manager/lib/files/ folder. They therefore recommend updating the File Manager plugin immediately to the latest version, 6.9.

The plugin has been downloaded more than 126.000 times in the last two days, which means that at least 574.000 WordPress sites may still be exposed to hackers. Finally, it is worth noting that 51,5%, i.e. over 300.000, of the sites that use the File Manager plugin run a vulnerable version.
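For a site owner who wants to check their own installation against the two indicators this article gives (a plugin version between 6.0 and 6.8, and PHP files or PHP-carrying images dropped into wp-content/plugins/wp-file-manager/lib/files/), the following added Python script is an example written for this page, not code from Wordfence, Arsys or the plugin. It assumes the plugin's main file is named file_folder_manager.php and is run from a constructed sample tree built by build_sample_site().

```python
import re
import tempfile
from pathlib import Path

# Vulnerable range from the article: 6.0 up to and including 6.8; fixed in 6.9.
VULNERABLE_MIN, FIXED_VERSION = (6, 0), (6, 9)
# Upload folder named in the article; the main plugin file name is an assumption.
UPLOAD_DIR = Path("wp-content/plugins/wp-file-manager/lib/files")
PLUGIN_MAIN = Path("wp-content/plugins/wp-file-manager/file_folder_manager.php")
IMAGE_EXT = {".jpg", ".jpeg", ".png", ".gif"}
PHP_TAG = re.compile(rb"<\?php|<\?=")

def plugin_version(wp_root):
    """Read 'Version:' from the plugin header as a tuple; None if the file is missing."""
    main = Path(wp_root) / PLUGIN_MAIN
    if not main.is_file():
        return None
    m = re.search(r"^\s*\*?\s*Version:\s*([\d.]+)", main.read_text(errors="ignore"), re.M)
    return tuple(int(p) for p in m.group(1).split(".")) if m else None

def is_vulnerable(version):
    return version is not None and VULNERABLE_MIN <= version < FIXED_VERSION

def suspicious_uploads(wp_root):
    """Flag PHP files (even empty probes) and images carrying PHP tags under lib/files."""
    root, upload, findings = Path(wp_root), Path(wp_root) / UPLOAD_DIR, []
    if not upload.is_dir():
        return findings
    for p in (q for q in upload.rglob("*") if q.is_file()):
        ext = p.suffix.lower()
        if ext in {".php", ".phtml"}:
            findings.append((str(p.relative_to(root)), "php file in upload dir"))
        elif ext in IMAGE_EXT and PHP_TAG.search(p.read_bytes()):
            findings.append((str(p.relative_to(root)), "php tag inside image"))
    return sorted(findings)

def build_sample_site():
    """Constructed sample tree: plugin at 6.8, probe names from the article, one polyglot image."""
    root = Path(tempfile.mkdtemp())
    (root / PLUGIN_MAIN).parent.mkdir(parents=True)
    (root / PLUGIN_MAIN).write_text("<?php\n/*\nPlugin Name: File Manager\nVersion: 6.8\n*/\n")
    up = root / UPLOAD_DIR
    up.mkdir(parents=True)
    (up / "hardfork.php").write_bytes(b"")  # empty probe, as seen in the firewall data
    (up / "x.php").write_bytes(b"<?php echo 1; ?>")
    (up / "logo.png").write_bytes(b"\x89PNG\r\n\x1a\n<?php /* hidden */ ?>")  # PHP inside an image
    (up / "clean.jpg").write_bytes(b"\xff\xd8\xff\xe0 plain image bytes")
    return root
if __name__ == "__main__":
    site = build_sample_site()
    print(is_vulnerable(plugin_version(site)), suspicious_uploads(site))
```

Point the two functions at a real WordPress root instead of the sample tree to check a live installation; a clean site on 6.9 yields False and an empty list.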
