
WP-CopySafe-Web and WP-CopySafe-PDF zero-day vulnerabilites
A very serious zero-day vulnerability has been found with the WP-CopySafe-Web and WP-CopySafe-PDF WordPress plugins, which allows users to arbitrarily upload code, including a PHP shell to fully exploit a user's files. This first appeared a few days ago on hacker sites and is being widely sold.
What if I am affected?
If you are running either of these plugins, you will need to fully remove them immediately as they can lead to your site becoming completely compromised, including the loss of all data. Be sure to fully remove it and not simply deactive the plugins as you will still be vulnerable to attack.
If possible, we recommend that you revert to any previous backups you may have made as well to ensure that you have not already been compromised. Security scans such as Sucuri SiteCheck can also be run on the site to ensure that there is not malicious code running on any of your pages.
Related Questions
Support Center Login
Our Login page has moved, Click the button below to be taken to the login page.Search
Ask the Community!
Current Customers
Chat: | Click to Chat Now | E-mail: | support@InMotionHosting.com |
---|---|---|---|
Call: | 888-321-HOST (4678) | Ticket: | Submit a Support Ticket |
Post a Comment