WordPress.org

Ready to get started?Download WordPress

Forums

wp-FileManager
[resolved] I just had a freakishly bizarre error with the plugin (3 posts)

  1. ianarmstrong
    Member
    Posted 8 months ago #

    I just had an incident with an SEO Firm I work with. A new client had not provided FTP access to their site so I booted in this plugin in order to make a change to wp-config.php. The plugin seemed to work fine, at first. I downloaded the file, added a couple of lines of code, saved, and uploaded - never thinking to scan to the very bottom.

    My mistake.

    Somehow, on download, wp-filemanager appended the entire index.php file (rendered HTML) to the end of wp-config.php. The result took the client's entire site offline (WSOD) for four hours until we could reach someone who was able to revert the wp-config file to its former status. Pretty embarrassing stuff.

    On the plus side, we now have full developmental access and a full backup. As far as we know, the ultimate client isn't firing my client. Still... what the heck happened? How did the PHP return a download that had an HTML file appended to the end of the requested one?

    http://wordpress.org/plugins/wp-filemanager/

  2. anantshri
    Member
    Plugin Author

    Posted 8 months ago #

    I have received this as a second complain for this issue. I would not lie there used to be a similar issue and i did specifically patched it in last release.

    out of the two complains i was not able to replicate the scenario for this attack however i will try having a look at the code once again and see what i can find out.

  3. Diana
    Member
    Posted 3 months ago #

    Deleted. Started new thread since this one was marked "resolved".

Reply

You must log in to post.

About this Plugin

About this Topic