Threat actors target WordPress sites using vulnerable File Manager install

From securityaffairs.co

Experts reported threat actors are increasingly targeting a recently addressed vulnerability in the WordPress plugin File Manager.

Researchers from WordPress security company Defiant observed a surge in the number of attacks targeting a recently addressed vulnerability in the WordPress plugin File Manager.

In early September, experts reported that hackers were actively exploiting a critical remote code execution vulnerability in the File Manager WordPress plugin that could be exploited by unauthenticated attackers to upload scripts and execute arbitrary code on WordPress sites running vulnerable versions of the plugin.

Read more…