The Wordfence Threat Intelligence team is seeing a dramatic increase in attacks targeting the recent 0-day in the WordPress File Manager plugin. This plugin is installed on over 700,000 WordPress websites, and we estimate that 37.4% or 261,800 websites are still running vulnerable versions of this plugin at the time of this publication.
Attacks are Exploiting File Upload Vulnerability
Attacks against this vulnerability have risen dramatically over the last few days. Wordfence has recorded attacks against over 1 million sites today, September 4, 2020, as of 9 AM Pacific Time. Sites not using this plugin are still being