WP-CopySafe-Web and WP-CopySafe-PDF zero-day vulnerabilites Updated on June 10, 2014 by Jeff Matson 0 Minutes, 47 Seconds to Read A very serious zero-day vulnerability has been found with the WP-CopySafe-Web and WP-CopySafe-PDF WordPress plugins, which allows users to arbitrarily upload code, including a PHP shell to fully exploit a user’s files. This first appeared a few days ago on hacker sites and is being widely sold. What if I am affected? If you are running either of these plugins, you will need to fully remove them immediately as they can lead to your site becoming completely compromised, including the loss of all data. Be sure to fully remove it and not simply deactive the plugins as you will still be vulnerable to attack. If possible, we recommend that you revert to any previous backups you may have made as well to ensure that you have not already been compromised. Security scans such as Sucuri SiteCheck can also be run on the site to ensure that there is not malicious code running on any of your pages. Share this Article Related Articles How to Increase WordPress Memory Limit and Execution Time WooCommerce Setup Guide How to Create an Admin Account in WordPress via MySQL How to Add Google Analytics to WordPress Using the Jetpack Newsletter Subscription Form Benefits of Joining the WordPress Community Online How to Add Social Media Icons and Social Media Buttons to WordPress Create a Footer for WordPress How to Google Analytics to WordPress Without a Plugin Choose the Style of Your WordPress Homepage
