Critical zero-day vulnerability fixed in WordPress File Manager (700,000+ installations). The popular WordPress File Manager plugin (700,000+ installations) fixed a critical zero-day vulnerability affecting version 6.8 and below. The vulnerability allows an unauthenticated user to run the file manager commands by directly accessing an unprotected file from its elFinder package: Here’s a sample log we...