{"id":5300,"date":"2020-09-07T13:11:52","date_gmt":"2020-09-07T07:41:52","guid":{"rendered":"https:\/\/www.skynats.com\/?p=5300"},"modified":"2020-09-07T13:11:52","modified_gmt":"2020-09-07T07:41:52","slug":"wordpress-zero-day-vulnerability-in-file-manager-plugin","status":"publish","type":"post","link":"https:\/\/www.skynats.com\/blog\/wordpress-zero-day-vulnerability-in-file-manager-plugin\/","title":{"rendered":"WordPress Zero-Day Vulnerability in File Manager Plugin"},"content":{"rendered":"\n<p>Several WordPress sites are being probed and attacked this week through a plugin with over 700,000 active installations. The cause is a zero-day vulnerability in the <strong><a href=\"https:\/\/wordpress.org\/plugins\/wp-file-manager\/\" target=\"_blank\" rel=\"noreferrer noopener\">File Manager Plugin<\/a><\/strong> for WordPress, which allows unauthenticated users to execute commands and upload malicious files on websites. A patched version, 6.9, was released on September 1 and resolves this vulnerability. Wordfence deployed an additional firewall rule to protect against this vulnerability. Details of the affected plugin are given below:<\/p>\n\n\n\n<p>We manage a lot of WordPress websites under our <strong><a href=\"https:\/\/www.skynats.com\/linux-server-management\/\" target=\"_blank\" rel=\"noreferrer noopener\">Server Management<\/a><\/strong> plan, and our expert engineers perform regular updates to prevent all vulnerabilities.<\/p>\n\n\n\n<pre class=\"wp-block-code\"><code>Description: Remote Code Execution (RCE)\nAffected Plugin: File Manager\nPlugin Slug : wp-file-manager\nAffected Versions: 6.0 - 6.8\nCVSS Score: 10.00 (Critical)\n\nSolution :\nPatched version: 6.9<\/code><\/pre>\n\n\n\n<p>The File Manager plugin helps WordPress administrators upload and manage their site files. It contains an additional library, elFinder. 
The issue originates with the File Manager plugin renaming the extension on the elFinder library&#8217;s connector.minimal.php.dist file to x.php so that it could be executed directly, even though the connector file was not used by File Manager itself. However, elFinder has built-in protection against directory traversal.<\/p>\n\n\n\n<p>Libraries of this type ship example files that anyone can access. This file could be used to initiate an elFinder command and was hooked to the elFinderConnector.class.php file.<\/p>\n\n\n\n<p>Attackers recently tried to inject files such as these:<\/p>\n\n\n\n<ol class=\"wp-block-list\"><li>hardfork.php<\/li><li>hardfind.php<\/li><li>x.php<\/li><\/ol>\n\n\n\n<p>If these files were injected into your site, you will find them in the \/wp-content\/plugins\/wp-file-manager\/lib\/files directory of the WordPress site.<\/p>\n\n\n\n<p>We can therefore conclude that this zero-day vulnerability in the File Manager plugin can be prevented by updating the plugin to version 6.9 immediately.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Several WordPress sites are being probed and attacked this week through a plugin with over 700,000 active installations. The cause is a zero-day vulnerability in the File Manager Plugin for WordPress, which allows unauthenticated users to execute commands and upload malicious files on websites. 
A new patch 6.9 was released on September 1 and [&hellip;]<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[5,68],"tags":[76,78,72,137,138,139],"class_list":["post-5300","post","type-post","status-publish","format-standard","hentry","category-blog","category-server-management","tag-hacked-wordpress","tag-secure-wordpress","tag-server-management","tag-wordpress-updates","tag-wordpress-vulnerability","tag-wp-file-manager-plugin"],"yoast_head_json":{"title":"WordPress Zero-Day Vulnerability in File Manager Plugin | Skynats","description":"Several wordpress sites are being probed and attacked to zero-day vulnerability in wp file manager plugin. Upgrade Now!!","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.skynats.com\/blog\/wordpress-zero-day-vulnerability-in-file-manager-plugin\/","og_locale":"en_US","og_type":"article","og_title":"WordPress Zero-Day Vulnerability in File Manager Plugin","og_description":"Several wordpress sites are being probed and attacked to zero-day vulnerability in wp file manager plugin. Upgrade Now!!","og_url":"https:\/\/www.skynats.com\/blog\/wordpress-zero-day-vulnerability-in-file-manager-plugin\/","og_site_name":"Server Management Services | Cloud Management | Skynats","article_publisher":"https:\/\/www.facebook.com\/skynats","article_published_time":"2020-09-07T07:41:52+00:00","author":"Pooja V","twitter_card":"summary_large_image","twitter_creator":"@skynatstech","twitter_site":"@skynatstech","twitter_misc":{"Written by":"Pooja V","Est. 
reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.skynats.com\/blog\/wordpress-zero-day-vulnerability-in-file-manager-plugin\/#article","isPartOf":{"@id":"https:\/\/www.skynats.com\/blog\/wordpress-zero-day-vulnerability-in-file-manager-plugin\/"},"author":{"name":"Pooja V","@id":"https:\/\/www.skynats.com\/blog\/#\/schema\/person\/030d5856dd5166055eecc07218d2455e"},"headline":"WordPress Zero-Day Vulnerability in File Manager Plugin","datePublished":"2020-09-07T07:41:52+00:00","mainEntityOfPage":{"@id":"https:\/\/www.skynats.com\/blog\/wordpress-zero-day-vulnerability-in-file-manager-plugin\/"},"wordCount":304,"publisher":{"@id":"https:\/\/www.skynats.com\/blog\/#organization"},"keywords":["hacked wordpress","secure wordpress","server management","wordpress updates","wordpress vulnerability","wp file manager plugin"],"articleSection":["Blog","server management"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.skynats.com\/blog\/wordpress-zero-day-vulnerability-in-file-manager-plugin\/","url":"https:\/\/www.skynats.com\/blog\/wordpress-zero-day-vulnerability-in-file-manager-plugin\/","name":"WordPress Zero-Day Vulnerability in File Manager Plugin | Skynats","isPartOf":{"@id":"https:\/\/www.skynats.com\/blog\/#website"},"datePublished":"2020-09-07T07:41:52+00:00","description":"Several wordpress sites are being probed and attacked to zero-day vulnerability in wp file manager plugin. 
Upgrade Now!!","breadcrumb":{"@id":"https:\/\/www.skynats.com\/blog\/wordpress-zero-day-vulnerability-in-file-manager-plugin\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.skynats.com\/blog\/wordpress-zero-day-vulnerability-in-file-manager-plugin\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.skynats.com\/blog\/wordpress-zero-day-vulnerability-in-file-manager-plugin\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.skynats.com\/blog\/"},{"@type":"ListItem","position":2,"name":"WordPress Zero-Day Vulnerability in File Manager Plugin"}]},{"@type":"WebSite","@id":"https:\/\/www.skynats.com\/blog\/#website","url":"https:\/\/www.skynats.com\/blog\/","name":"Server Management Services | Cloud Management | Skynats","description":"Server Management and Cloud Management","publisher":{"@id":"https:\/\/www.skynats.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.skynats.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.skynats.com\/blog\/#organization","name":"Skynats Technologies","url":"https:\/\/www.skynats.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.skynats.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.skynats.com\/blog\/wp-content\/uploads\/2021\/08\/Sknats-Logo-New-whole.png","contentUrl":"https:\/\/www.skynats.com\/blog\/wp-content\/uploads\/2021\/08\/Sknats-Logo-New-whole.png","width":989,"height":367,"caption":"Skynats 
Technologies"},"image":{"@id":"https:\/\/www.skynats.com\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/skynats","https:\/\/x.com\/skynatstech","https:\/\/www.instagram.com\/skynatstech\/","https:\/\/www.linkedin.com\/company\/skynats-technologies","https:\/\/www.youtube.com\/channel\/UCvTAjrFJ4_E2MJKwlDHomlg"]},{"@type":"Person","@id":"https:\/\/www.skynats.com\/blog\/#\/schema\/person\/030d5856dd5166055eecc07218d2455e","name":"Pooja V","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/acf2642637f84bdab7ffece47787a6a4ee655dab6404beac2a1a33db563041c4?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/acf2642637f84bdab7ffece47787a6a4ee655dab6404beac2a1a33db563041c4?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/acf2642637f84bdab7ffece47787a6a4ee655dab6404beac2a1a33db563041c4?s=96&d=mm&r=g","caption":"Pooja V"}}]}},"_links":{"self":[{"href":"https:\/\/www.skynats.com\/blog\/wp-json\/wp\/v2\/posts\/5300","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.skynats.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.skynats.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.skynats.com\/blog\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.skynats.com\/blog\/wp-json\/wp\/v2\/comments?post=5300"}],"version-history":[{"count":0,"href":"https:\/\/www.skynats.com\/blog\/wp-json\/wp\/v2\/posts\/5300\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.skynats.com\/blog\/wp-json\/wp\/v2\/media?parent=5300"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.skynats.com\/blog\/wp-json\/wp\/v2\/categories?post=5300"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.skynats.com\/blog\/wp-json\/wp\/v2\/tags?post=5300"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}