Defiant Inc., which produces the Wordfence Web firewall, reported that millions of WordPress sites have been attacked by hackers exploiting a zero-day vulnerability in the "File Manager" WordPress plugin.
The zero-day vulnerability enables attackers to upload malicious files on a site running an older version of the plugin.
Defiant's Ram Gall said the firm had blocked attacks against more than 1.7 million sites since the attacks were first detected on Sept. 1.
However, given that WordPress is installed on hundreds of millions of sites, Gall said the true scale of the attacks likely is much larger.
The File Manager developer team has created and released a patch for the zero-day vulnerability.
View Full Article
Abstracts Copyright © 2020 SmithBucklin, Washington, DC, USA
No entries found