WP-CopySafe-Web and WP-CopySafe-PDF zero-day vulnerabilites

A very serious zero-day vulnerability has been found with the WP-CopySafe-Web and WP-CopySafe-PDF WordPress plugins, which allows users to arbitrarily upload code, including a PHP shell to fully exploit a user’s files. This first appeared a few days ago on hacker sites and is being widely sold.

What if I am affected?

If you are running either of these plugins, you will need to fully remove them immediately as they can lead to your site becoming completely compromised, including the loss of all data. Be sure to fully remove it and not simply deactive the plugins as you will still be vulnerable to attack.

If possible, we recommend that you revert to any previous backups you may have made as well to ensure that you have not already been compromised. Security scans such as Sucuri SiteCheck can also be run on the site to ensure that there is not malicious code running on any of your pages.

Was this article helpful? Join the conversation!