Attackers take advantage of a critical remote execution defect code affecting over 600.000 WordPress sites. The vulnerability we mentioned in a previous publication and concerns websites running vulnerable versions of it Plugin FileManager.
Critical vulnerability allows unauthorized users to upload malicious PHP files and run amalicious code. The File Manager development team addressed the flaw with the release of File Manager 6.9.
Although the flaw was fixed immediately when the developers were informed by the person in charge security of Seravo Ville Korhonen, who discovered 0day and the ongoing attacks trying to exploit it, researchers from security firm Defiant identified more than 1,7 million vulnerable websites from September 1st to September 3rd.
In an updated report released today, Defiant threat analyst Ram Gall states that hackers have not stopped their "siege", and the total number of WordPress sites they target has reached 2,6 million.