The plugin, which was installed on more than 700,000 sites, allowed the attacker to take over the victim’s site by uploading a web shell disguised inside an image file on the victim’s server. It is unclear how the zero-day vulnerability was discovered by hackers, however the File Manager developers responded quickly, creating and releasing a patch for the zero-day to combat the attacks.