InMotion Hosting Support Center

A very serious zero-day vulnerability has been found with the WP-CopySafe-Web and WP-CopySafe-PDF WordPress plugins, which allows users to arbitrarily upload code, including a PHP shell to fully exploit a user's files. This first appeared a few days ago on hacker sites and is being widely sold.

What if I am affected?

If you are running either of these plugins, you will need to fully remove them immediately as they can lead to your site becoming completely compromised, including the loss of all data. Be sure to fully remove it and not simply deactive the plugins as you will still be vulnerable to attack.

If possible, we recommend that you revert to any previous backups you may have made as well to ensure that you have not already been compromised. Security scans such as Sucuri SiteCheck can also be run on the site to ensure that there is not malicious code running on any of your pages.

Related Questions

Here are a few questions related to this article that our customers have asked:
Ooops! It looks like there are no questions about this page.
Would you like to ask a question about this page? If so, click the button below!
Ask a Question

Support Center Login

Our Login page has moved, Click the button below to be taken to the login page.

Post a Comment

Email Address:
Phone Number:

Please note: Your name and comment will be displayed, but we will not show your email address.

0 Questions & Comments

Post a comment

Back to first comment | top

Need more Help?


Ask the Community!

Get help with your questions from our community of like-minded hosting users and InMotion Hosting Staff.

Current Customers

Chat: Click to Chat Now E-mail:
Call: 888-321-HOST (4678) Ticket: Submit a Support Ticket

Not a Customer?

Get web hosting from a company that is here to help. Sign up today!