A newly disclosed vulnerability in File Manager, a WordPress plugin with around 700,000 active installations, is reportedly being exploited by hackers, who are able to execute commands and malicious scripts on websites running the plugin. Research into the issue was launched on Tuesday. According to the report, the attackers are using the vulnerability to upload files containing web shells hidden in images; the web shells then give them a convenient interface for running commands through the File Manager plugin. The vulnerability can cause a lot of damage, since the uploaded scripts can be used to carry out further actions on the site.
NinTechNet, a security firm based in Bangkok, reported the issue. According to the firm's post, hackers are exploiting the vulnerability by uploading a script titled hardfork.php, which can be used to inject code into WordPress scripts. Another post on the same issue was published by the website security firm Wordfence, which said it had blocked more than 450,000 exploit attempts and that attackers are actively trying to inject various files into vulnerable networks. In some cases, hackers have also been seen uploading empty files. The files uploaded to these networks are named hardfork.php, hardfind.php, and x.php.
The plugin exploited by the hackers is used to manage files on sites running the WordPress content management system. The vulnerability arises from the way the plugin implements elFinder, an open-source file-manager library: the library's file can be accessed by anyone, as it has no access controls and no restrictions on direct access. A contractor who sets up and secures WordPress sites also tweeted about the issue, saying that the problem was quite serious.
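As an added example (not code from the article or from either security firm), the following Python script scans a WordPress install for the two indicators the article describes: files carrying the reported upload names (hardfork.php, hardfind.php, x.php, matched by name alone so that the empty variants are caught too) and image files that contain PHP tags, which is how a web shell "hidden in an image" betrays itself. The directory layout and the planted files are constructed sample data, not real artifacts.

```python
import os
import tempfile

# File names the article reports attackers uploading to compromised sites.
IOC_NAMES = {"hardfork.php", "hardfind.php", "x.php"}
IMAGE_EXTS = {".jpg", ".jpeg", ".png", ".gif"}
PHP_MARKERS = (b"<?php", b"<?=")


def scan_tree(root):
    """Walk a WordPress install; return sorted (relative path, reason) findings."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            rel = os.path.relpath(path, root).replace(os.sep, "/")
            # Name match alone is enough: the article notes empty files too.
            if name.lower() in IOC_NAMES:
                findings.append((rel, "known uploaded file name"))
                continue
            # A web shell hidden in an image still has to carry PHP open tags.
            if os.path.splitext(name)[1].lower() in IMAGE_EXTS:
                with open(path, "rb") as fh:
                    data = fh.read()
                if any(marker in data for marker in PHP_MARKERS):
                    findings.append((rel, "PHP code inside image file"))
    return sorted(findings)


def build_sample_site():
    """Constructed WordPress tree with two planted indicators (not real data)."""
    root = tempfile.mkdtemp(prefix="wp_sample_")
    uploads = os.path.join(root, "wp-content", "uploads")
    plugin = os.path.join(root, "wp-content", "plugins", "wp-file-manager")
    os.makedirs(uploads)
    os.makedirs(plugin)
    with open(os.path.join(plugin, "readme.txt"), "w") as fh:
        fh.write("benign plugin readme\n")
    with open(os.path.join(uploads, "logo.png"), "wb") as fh:
        fh.write(b"\x89PNG\r\n\x1a\n" + b"\x00" * 32)   # clean image, no PHP
    with open(os.path.join(uploads, "hardfork.php"), "wb"):
        pass                                             # empty file, as reported
    with open(os.path.join(uploads, "photo.jpg"), "wb") as fh:
        fh.write(b"\xff\xd8\xff\xe0" + b"<?php /* planted stand-in */ ?>")
    return root


if __name__ == "__main__":
    for rel, reason in scan_tree(build_sample_site()):
        print(f"{reason}: {rel}")
```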