700,000 WordPress Sites Affected By Zero-day Vulnerability in File Manager Plugin

Yesterday a zero-day vulnerability was discovered in File Manager, a popular WordPress plugin. The vulnerability allows arbitrary file upload and remote code execution.

File Manager is a useful plugin that lets users browse site files in an easy way. The plugin has over 700,000 active installations, which makes it an attractive target for attackers.

Yesterday the vulnerability was discovered by Seravo as part of their WordPress upkeep service. They noticed unusual activity on several of their customers' websites, and further investigation revealed the severe vulnerability in the File Manager plugin.

The vulnerability stems from the direct execution of the connector.minimal.php file. This file loads another file, lib/php/elFinderConnector.class.php, which reads POST/GET variables that can trigger File Manager features such as file upload.

Since these PHP scripts are allowed to be executed directly, an unauthenticated attacker can upload arbitrary PHP files and execute them.
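As an added example (not from the article or the plugin), the following script scans web-server access logs for direct hits on the connector script named above, flagging POST requests to it as likely upload attempts. The plugin path under wp-content is an assumption about where File Manager installs connector.minimal.php; the log lines are constructed samples.

```python
import re
from dataclasses import dataclass
from typing import Iterable, List, Optional

# Simplified Combined Log Format parser (constructed for this example).
LOG_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+'
)

# File name taken from the article; any request that lands on it directly
# bypasses WordPress authentication, so every hit is worth reviewing.
CONNECTOR = "connector.minimal.php"


@dataclass
class Hit:
    ip: str
    ts: str
    method: str
    path: str
    status: str
    reason: str


def classify(line: str) -> Optional[Hit]:
    """Return a Hit if the log line touches the connector script, else None."""
    m = LOG_RE.match(line)
    if not m:
        return None
    path = m.group("path").split("?", 1)[0]  # drop the query string
    if not path.endswith("/" + CONNECTOR):
        return None
    method = m.group("method")
    if method == "POST":
        # The connector acts on POST/GET variables; POST is how uploads arrive.
        reason = "POST to connector: possible unauthenticated file upload"
    else:
        reason = "direct connector access (no WordPress auth in the path)"
    return Hit(m.group("ip"), m.group("ts"), method, m.group("path"),
               m.group("status"), reason)


def scan(lines: Iterable[str]) -> List[Hit]:
    return [h for h in map(classify, lines) if h is not None]


# Constructed sample log lines; the plugin directory is an assumed path.
SAMPLE_LOG = [
    '203.0.113.5 - - [01/Sep/2020:10:00:01 +0000] "GET /wp-content/plugins/wp-file-manager/readme.txt HTTP/1.1" 200 512',
    '203.0.113.5 - - [01/Sep/2020:10:00:02 +0000] "POST /wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php HTTP/1.1" 200 143',
    '198.51.100.7 - - [01/Sep/2020:10:01:00 +0000] "GET /wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php?cmd=open HTTP/1.1" 200 2048',
    '192.0.2.9 - - [01/Sep/2020:10:02:00 +0000] "GET /index.php HTTP/1.1" 200 9000',
]

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(f"{hit.ts} {hit.ip} {hit.method} {hit.path} -> {hit.reason}")
```

Once a site is confirmed patched, the same filter run over historical logs shows whether the connector was reached before the update and which uploads need to be hunted for.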

News Link: http://www.linuxandubuntu.com/home/700000-wordpress-sites-affected-by-zero-day-vulnerability-in-file-manager-plugin.