ZDNet

WordPress File Manager plugin flaw causing website hijack exploited in the wild

According to the Sucuri WordPress security team, the vulnerability emerged in version 6.4 of the software, which is used as an alternative to FTP in managing file transfers, copying, deletion, and ...
Threat Post

WordPress File Management Plugin Riddled with Critical Bugs

The bugs allow a range of attacks on websites, including deleting blog pages and remote code execution. A critical cross-site scripting (XSS) bug impacts WordPress sites running the Frontend File ...
Searchenginejournal.com

WordPress File Manager Plugin Vulnerability Affects +1 Million Websites

A significant security vulnerability has been identified and patched in the widely used File Manager plugin for WordPress, affecting over 1 million websites. The vulnerability is rated 8.1 out of 10 ...
Searchenginejournal.com

Vulnerability In 3 WordPress File Plugins Affects 1.3 Million Sites

An advisory was issued for three WordPress file management plugins that are affected by a vulnerability that allows unauthenticated attackers delete arbitrary files. The three plugins are installed in ...
Bleeping Computer

Hackers actively exploiting severe bug in over 300K WordPress sites

Hackers are actively exploiting a critical remote code execution vulnerability allowing unauthenticated attackers to upload scripts and execute arbitrary code on WordPress sites running vulnerable ...
Threat Post

Brizy WordPress Plugin Exploit Chains Allow Full Site Takeovers

A stored XSS and arbitrary file-upload bug can be paired with an authorization bypass to wreak havoc. Vulnerabilities in the Brizy Page Builder plugin for WordPress sites could be chained together to ...