exploit to download files

The researchers said hackers are actively exploiting a vulnerability that allows them to execute commands and malicious scripts on websites running File Manager, a WordPress plugin with more than 700,000 active installations. Information about the attacks came a few hours after the breach in the site management system was fixed.

Attackers use the exploit to download files containing web shells hidden in an image. From there, they have a user-friendly interface that allows them to run commands in plugins/wp-file-manager/lib/files/, the directory where the File Manager plugin resides. While this restriction prevents hackers from executing commands on files outside the directory, hackers can do even more damage by downloading scripts that can perform actions in other parts of the vulnerable site.
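A defender can check the directory named above for the pattern the researchers describe, a web shell hidden in an image. The following is an added example, not code from the researchers or the plugin: it assumes the path is relative to the site's wp-content directory, and the extension list, marker string and sample files are constructed for illustration.

```python
import os
import tempfile

# Directory named in the article; assumed to be relative to wp-content/.
FILES_DIR = os.path.join("plugins", "wp-file-manager", "lib", "files")
IMAGE_MAGIC = (b"\x89PNG\r\n\x1a\n", b"\xff\xd8\xff", b"GIF8")  # PNG, JPEG, GIF
SCRIPT_EXT = {".php", ".phtml", ".phar"}  # assumption: extensions the server may execute
MAX_READ = 5 * 1024 * 1024  # inspect at most 5 MiB of each file


def scan(wp_content):
    """Return sorted (relative_path, reason) pairs for suspicious files."""
    root = os.path.join(wp_content, FILES_DIR)
    findings = []
    for dirpath, _dirs, names in os.walk(root):
        for name in names:
            path = os.path.join(dirpath, name)
            rel = os.path.relpath(path, root)
            with open(path, "rb") as fh:
                data = fh.read(MAX_READ)
            has_php = b"<?php" in data.lower()
            is_image = data.startswith(IMAGE_MAGIC)
            ext = os.path.splitext(name)[1].lower()
            if ext in SCRIPT_EXT:
                findings.append((rel, "script file in plugin files directory"))
            elif is_image and has_php:
                findings.append((rel, "PHP code inside image data"))
            elif has_php:
                findings.append((rel, "PHP code in non-script file"))
    return sorted(findings)


def demo():
    """Build a constructed sample tree in a temp directory and scan it."""
    with tempfile.TemporaryDirectory() as wp_content:
        root = os.path.join(wp_content, FILES_DIR)
        os.makedirs(root)
        samples = {  # constructed, inert sample contents
            "logo.png": b"\x89PNG\r\n\x1a\n" + b"\x00" * 32,
            "banner.png": b"\x89PNG\r\n\x1a\n" + b"\x00" * 8 + b"<?php /* placeholder */ ?>",
            "x.php": b"<?php /* placeholder */ ?>",
            "notes.txt": b"plain text",
        }
        for name, body in samples.items():
            with open(os.path.join(root, name), "wb") as fh:
                fh.write(body)
        return scan(wp_content)
```

On a real site, call scan() with the path to wp-content and review every finding by hand; a clean result does not rule out scripts placed elsewhere on the site.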