More than 600,000 WordPress sites running vulnerable File Manager plugin versions are being attacked due to a critical remote code execution flaw, and the attackers have also been seen protecting the sites they compromised from other bad actors’ attacks.
This latest critical vulnerability in a WordPress plugin, a remote code execution flaw, is one of the most dangerous vulnerabilities because it gives the attacker the ability to run almost any code on the hacked site. While it\’s interesting that attackers have taken this one step further, protecting their malicious files they\’ve written to the compromised sites, the end result is still the same: the site is compromised, and the attacker was successful exploiting a flaw that has a released fix. It’s another strong reminder to keep software up to date and patched in a timely fashion to avoid getting exploited by known vulnerabilities.