Searchenginejournal.com

WordPress File Manager Plugin Vulnerability Affects +1 Million Websites

A significant security vulnerability has been identified and patched in the widely used File Manager plugin for WordPress, affecting over 1 million websites. The vulnerability is rated 8.1 out of 10 ...
Threat Post

WordPress File Management Plugin Riddled with Critical Bugs

The bugs allow a range of attacks on websites, including deleting blog pages and remote code execution. A critical cross-site scripting (XSS) bug impacts WordPress sites running the Frontend File ...
ZDNet

WordPress File Manager plugin flaw causing website hijack exploited in the wild

The file in question was pulled by third-party dependency elFinder and used as a code reference. An extension added to the file, the rename of connector-minimal.php-dist to connector-minimal.php, was ...

WordPress plugin with 900k installs vulnerable to critical RCE flaw

A critical vulnerability in the WPvivid Backup & Migration plugin for WordPress, installed on more than 900,000 websites, can be exploited to achieve remote code execution by uploading arbitrary files ...
Bleeping Computer

Hackers actively exploiting severe bug in over 300K WordPress sites

Hackers are actively exploiting a critical remote code execution vulnerability allowing unauthenticated attackers to upload scripts and execute arbitrary code on WordPress sites running vulnerable ...
Searchenginejournal.com

Nine WordPress Plugins Expose Over 1.3 Million Sites To Exploits

The United States Government Vulnerability Database and WordPress security researchers published alerts of WordPress plugin vulnerabilities. Among those plugins, nine of the most popular plugins ...