Security News > 2020 > September > Attacks Targeting Recent WordPress File Manager Flaw Ramping Up
Attacks targeting a recently addressed vulnerability in the WordPress plugin File Manager are ramping up, warns the Wordfence Threat Intelligence team at WordPress security company Defiant.
With over 700,000 active installs, File Manager is a highly popular WordPress plugin that provides admins with file and folder management capabilities.
The issue is related to code taken from the elFinder project, with the File Manager developers renaming the elFinder library's connector.
Attacks targeting the vulnerability were observed originating from more than 370,000 separate IP addresses, with almost no overlaps between the IPs used by the two most active attackers.
Site administrators are advised to update the File Manager plugin as soon as possible, but also to scan their website for possible compromise and to remove any malicious code they might find.