WP-CopySafe-Web and WP-CopySafe-PDF zero-day vulnerabilites Updated on June 10, 2014 by Jeff Matson 0 Minutes, 47 Seconds to Read A very serious zero-day vulnerability has been found with the WP-CopySafe-Web and WP-CopySafe-PDF WordPress plugins, which allows users to arbitrarily upload code, including a PHP shell to fully exploit a user’s files. This first appeared a few days ago on hacker sites and is being widely sold. What if I am affected? If you are running either of these plugins, you will need to fully remove them immediately as they can lead to your site becoming completely compromised, including the loss of all data. Be sure to fully remove it and not simply deactive the plugins as you will still be vulnerable to attack. If possible, we recommend that you revert to any previous backups you may have made as well to ensure that you have not already been compromised. Security scans such as Sucuri SiteCheck can also be run on the site to ensure that there is not malicious code running on any of your pages. Share this Article Related Articles How to Backup WordPress with the BackWPup Plugin Learn How to Install and Use Mailchimp in WordPress How to Create and Manage 301 Redirects in WordPress How to Add PayPal to WordPress Website Using Video Conferencing with Zoom – WordPress Plugin Create a WordPress News Website with the WP News and Scrolling Widgets plugin Getting Started: Constant Contact Plugin for WordPress Install and Use the Advanced Editor Tools WordPress Plugin The Yoast SEO Plugin: Optimize Your Website to Boost Traffic GiveWP Donation WordPress Plugin
