Hi @atomicnicholas
Send us a support ticket by using this link https://filemanagerpro.io/contact we will be able to better assist you on your issue.
Please make sure you update the File Manager plugin to v6.9 if you are using the Free version.
We also recommend you run a service to clean up the malware from your website. We recommend you install Sucuri Malware scanner to assist. This plugin will help you scan and remove Malware from your website. https://wordpress.org/plugins/sucuri-scanner/
Looking forward to hearing from you!
-
This reply was modified 3 years, 3 months ago by
mndpsingh287.
-
This reply was modified 3 years, 3 months ago by mndpsingh287.
Same situation here. This was our favorite plugin and it triggered on most of our client’s sites. Guys, you need to fix the loophole quickly.
One of our customers was also affected by this hack.
A shell process was running on the customer’s server that kept undoing our changes.
www-data 1856 0.0 0.0 293448 3636 ? S Sep05 1:02 php /var/customers/webs/*****/***.*******************.de/lock666.php
It might help you to restart the web server service. This helped us.
p.s. The file lock666.php was not found on the server. I think it was deleted right after starting the process.
good luck,
Norman
Hi @logixtree and @norman
We thank you for being part of the File Manager community,
Firstly, we want to let you know that we take security very seriously, and apologize for any inconvenience or issues that have been caused.
Please update the File Manager plugin immediately to v6.9 if you are using File Manager Free, or to v8.0 if you are using File Manager Pro. Here is some documentation to assist you with the process: https://filemanagerpro.io/article/how-to-download-latest-version-of-file-manager-pro
The latest version contains a patch for this vulnerability and will keep you protected.
Send us a support ticket by using this link https://filemanagerpro.io/contact if you need anything, we will be able to better assist you.
I was hoping you guys can provide help, even if in a general way, before us having to go with the paid services like Wordfence/Sucuri/etc. (which are currently on high surge pricing due to high volume, and will further cost us a lot of money in service fees beyond the damage your plugin had already done), seeing as all this was caused by your plugin, and was not preventable by all the security plugins we had in place.
Not trying to keep blaming you (too late for that), but since it’s your product that caused this, perhaps you can provide guidance– if not direct assistance– as you must be aware of its pattern and behavior.
I have sent a support ticket already but wanted to point this out here because the damage has been unrelenting. Thank you.
Hi @atomicnicholas
Can you please share the ticket number that you have received from our support? We would like to schedule a call with you to review this and provide you some personalized support to help you resolve this issue.
If you would like to submit a new ticket please contact us at https://filemanagerpro.io/contact
Thanks!
I have sent a support ticket again, and still awaiting a response, please.
Hi @atomicnicholas, can you please share your ticket number so we can follow up on this?
