Global CyberSecurity

Critical Vulnerability in File Manager Plugin Affecting 700k WordPress Websites

By OTC 09/03/2020

0

Post Views: 672

Last Updated on 09/03/2020 by OTC

Yesterday, the WordPress plugin File Manager was updated, fixing a critical vulnerability allowing any website visitor to gain complete access to the website.

Users of our WAF were never vulnerable to this exploit. The Sucuri firewall blocks malicious payloads by default using our generic exploitation rules.

Technical Details

The vulnerability originated from the remains of a development environment on version 6.4 nearly 4 months ago, where a file was renamed to test certain features.

Continue reading Critical Vulnerability in File Manager Plugin Affecting 700k WordPress Websites at Sucuri Blog.

Comments

Comments are closed.

More in Global CyberSecurity

Global CyberSecurity

JavaScript Malware Switches to Server-Side Redirects & DNS TXT Records as TDS

By OTC04/18/2024

Global CyberSecurity

WordPress Maintenance: Tasks & Best Practices

By OTC04/16/2024

Global CyberSecurity

Credit Card Skimmer Hidden in Fake Facebook Pixel Tracker

By OTC04/11/2024

error: Content is protected !!