ZDNet

WordPress File Manager plugin flaw causing website hijack exploited in the wild

The file in question was pulled by third-party dependency elFinder and used as a code reference. An extension added to the file, the rename of connector-minimal.php-dist to connector-minimal.php, was ...
Searchenginejournal.com

WordPress File Manager Plugin Vulnerability Affects +1 Million Websites

A significant security vulnerability has been identified and patched in the widely used File Manager plugin for WordPress, affecting over 1 million websites. The vulnerability is rated 8.1 out of 10 ...
Threat Post

WordPress File Management Plugin Riddled with Critical Bugs

The bugs allow a range of attacks on websites, including deleting blog pages and remote code execution. A critical cross-site scripting (XSS) bug impacts WordPress sites running the Frontend File ...
GIGAZINE

A serious vulnerability affecting more than 350,000 WordPress sites was discovered, and there were reports that more than 450,000 attacks were made in a few days

File Manager plugin that could allow remote code execution. By exploiting this vulnerability, it is possible to steal data, destroy the site itself, or embed malicious code, affecting more than ...
Dark Reading

WordPress Plug-in Has Critical Zero-Day

A popular plug-in for WordPress is the subject of a zero-day vulnerability that may expose more than 700,000 sites to malicious exploit. The WordPress File Manager plug-in is generally used to allow ...
The Hindu

Millions of WordPress sites hacked due to a zero-day vulnerability

Millions of WordPress files have been attacked as hackers targeted a zero-day vulnerability in the WordPress File Manager plugin installed in over 7,00,000 WordPress websites. It is estimated that ...