On September 1, news broke that attackers were actively exploiting a critical zero-day vulnerability in the File Manager plugin for WordPress, affecting version 6.8 and earlier of the free plugin as well as Pro versions 7.6 through 7.8. The flaw lets unauthenticated attackers upload malicious files and execute code remotely on any site running an outdated version of the plugin.

According to experts, “an attacker who exploits the vulnerability can steal private data, destroy the site or use it to carry out other attacks on other sites or their infrastructure.” Fortunately, the plugin's developers (the plugin had more than 700,000 active installations when the bug became known) quickly released version 6.9, which fixes the flaw.

However, on Friday, September 4, the Wordfence team reported a dramatic increase in attacks trying to exploit the flaw on sites that had not installed the latest version of the plugin. According to their data, 1.7 million attacks were recorded between the first observed exploitation and September 4, and even sites that do not have the plugin installed are being probed by bots scanning for vulnerable versions of File Manager.

According to the statistics shown on the plugin's WordPress.org page, only 21.3% of sites with the plugin installed are running version 6.9, which includes the patch, so a large number of sites remain vulnerable.

We recommend that anyone responsible for a WordPress site using this plugin update to the latest available version as soon as possible. Sites that have already been affected should follow the instructions published by the File Manager developers or seek professional help, since this is a very serious issue that can affect both companies and individuals.
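A quick way to triage an installation against the version ranges named above, reading the version straight from the plugin's main file rather than trusting the admin dashboard of a possibly compromised site. This is an added example for this page, not code from the File Manager developers or from Wordfence; the plugin directory and main file names are assumptions, and only the ranges the article states are encoded:

```python
"""Triage an installed File Manager plugin against the affected version ranges
reported in the article: free plugin 6.8 and earlier (fixed in 6.9) and Pro
7.6 through 7.8. Added example; not the plugin's or Wordfence's own code.
"""
import re
import sys
from pathlib import Path

# WordPress plugins declare their version in a comment header at the top of the
# main plugin file, e.g. " * Version: 6.8". Reading the file on disk avoids
# trusting the dashboard of a site that may already be compromised.
VERSION_RE = re.compile(r"^\s*\*?\s*Version:\s*([0-9][0-9.]*)", re.MULTILINE)

# ASSUMPTION: directory and file name of the plugin relative to the WordPress root.
PLUGIN_MAIN_FILE = Path("wp-content/plugins/wp-file-manager/file_manager.php")

# Constructed sample header, used for the stand-alone demonstration below.
SAMPLE_HEADER = """<?php
/**
 * Plugin Name: File Manager
 * Description: constructed sample header for this example
 * Version: 6.8
 */
"""


def parse_version(text):
    """Turn "6.8.2" into (6, 8, 2) so versions compare as tuples."""
    return tuple(int(part) for part in text.strip().split(".") if part)


def version_from_header(source):
    """Extract the Version: field from a plugin main-file header."""
    match = VERSION_RE.search(source)
    if not match:
        raise ValueError("no Version: field found in plugin header")
    return match.group(1)


def classify(version):
    """Return "vulnerable", "patched" or "not-in-stated-ranges".

    Tuple comparison handles patch releases: (6, 8, 2) < (6, 9), so 6.8.2 is
    still "6.8 and earlier". Pro versions before 7.6 or after 7.8 fall outside
    the ranges the article names, so they are flagged for vendor verification
    rather than guessed at.
    """
    v = parse_version(version)
    if v < (6, 9):
        return "vulnerable"            # free plugin, 6.8 and earlier
    if v < (7, 0):
        return "patched"               # free plugin, 6.9 or later
    if (7, 6) <= v < (7, 9):
        return "vulnerable"            # Pro 7.6 through 7.8
    return "not-in-stated-ranges"


def check_site(wp_root):
    """Classify the plugin installed under a WordPress root, or report it absent."""
    main_file = Path(wp_root) / PLUGIN_MAIN_FILE
    if not main_file.is_file():
        return ("absent", None)
    version = version_from_header(main_file.read_text(errors="replace"))
    return (classify(version), version)


if __name__ == "__main__":
    if len(sys.argv) > 1:
        status, version = check_site(sys.argv[1])
        print(f"{sys.argv[1]}: {status} (version {version})")
    else:
        sample_version = version_from_header(SAMPLE_HEADER)
        print(f"sample header: version {sample_version} -> {classify(sample_version)}")
```

Run it with the path to a WordPress root (`python3 triage.py /var/www/example`) or with no argument to see it classify the constructed sample header. Note that a "patched" result only means the vulnerable code is gone: updating does not remove files an attacker uploaded before the update, so a site that was exposed while unpatched still needs its uploads directory and plugin folders reviewed.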

