Attackers take advantage of a critical remote code execution flaw that affects over 600.000 WordPress sites. The vulnerability we mentioned in a previous publication and concerns websites that run vulnerable versions of the File Manager plugin.
Critical vulnerability allows unauthorized users to upload malicious PHP files and run malicious code. The File Manager developer team addressed the issue with the release of File Manager 6.9.
Although the flaw was fixed immediately when developers were notified by Seravo security chief Ville Korhonen, who discovered the 0day and the ongoing attacks that were trying to exploit it, researchers from the security company Defiant identified more than 1,7 million vulnerable 1st to 3rd of September.
In an updated report released today, Defiant threat analyst Ram Gall states that hackers have not stopped their "siege", and the total number of WordPress sites they target has reached 2,6 million.
Read them Technology News from all over the world, with the validity of iGuRu.gr
Follow us on Google News
Zoom: adds 2FA support to all accounts
»
Comment Policy:
IGuRu.gr does not publish the comments immediately. Malicious comments, comments that include ads, or comments that are offensive are deleted without notice. We do not adopt the opinions expressed by our readers.
Your comments will be displayed after approval by the administrators