This plugin is a hacking tool basically

  • Resolved JoeGP

    (@joegp)


    4 years, 2 months ago

    I got a message from my hosting provider today that a regular malware check found a trojan in one of the php files belonging to this plugin:

    {CAV}Win.Trojan.Hide-1 : /home/(edited_out)/public_html/wp-content/plugins/wp-file-manager/lib/files/FecCff.php

    We DID NOT install this plugin, the hosting provider said this was probably because something on the site was out of date and that allowed a hacker to get in, and he/she most likely installed this plugin since it gives them access to basically all the files on the server and they used this plugin to even change the password for the cPanel login.

    I’m sorry to say but it looks like this plugin should not exist, or at least not be available to the general public.

    I don’t need any help, i just need this plugin to not exist anymore.

Viewing 5 replies - 1 through 5 (of 5 total)
  • Plugin Author mndpsingh287

    (@mndpsingh287)

    Hi @joegp

    We take security very seriously, and apologize to our community for any inconvenience or issues that have been caused. We urge users to update to the latest version, immediately since it contains a patch for this vulnerability and will keep you protected.

    Please update the File Manager plugin immediately to v6.9 if you are using File Manager Free, or to v8.0 if you are using File Manager Pro. Here is some documentation to assist you with the process: https://filemanagerpro.io/article/how-to-download-latest-version-of-file-manager-pro

    Send us a support ticket by using this link?https://filemanagerpro.io/contact?we will be able to better assist you on your issue.

    Thanks

    I’ve been dealing with this all day. It happens.

    This isn’t just File Manager, but Cisco and Windows 10 Sandbox.

    Thanks for the fix.

    Thread Starter JoeGP

    (@joegp)

    @mndpsingh287 Turns out the client hired someone else to design the website and they are the ones who installed the plugin, and the vulnerability in the plugin was exploited by a hacker, so i guess it’s not a hack tool, but i’m pretty sure it could be misused.
    I just deleted it.

    @duckofdeath what are you even talking about ? and why are you replying here ? you are clearly not replying to my topic.

    I had a client site hacked because of this. I tried updating the plugin but got the error “upload failed: download filed. file does not exist” so I ended up deleting the plugin completely. I was running version 6.5 which seems pretty old so the update must have been failing for weeks. I keep the site regularly updated and patched, and I had not noticed this one plugin update was failing.

    Plugin Support File Manager Support

    (@filemanagersupport)

    Hey @linkbrightmedia,

    We are very sorry for the inconvenience this has caused you. Due to the vulnerability we urge customers to upgrade to v6.9 immediately.

    Please deactivate and delete File Manager and re-download it using this link:
    https://downloads.www.ads-software.com/plugin/wp-file-manager.zip

    We would like to learn more about your experience, please reach out to us at Support using this link https://filemanagerpro.io/contact and we will be happy to walk you through the process or help you out with anything else you need.

    Thanks!

Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘This plugin is a hacking tool basically’ is closed to new replies.

Tags