https://www.bleepingcomputer.com/news/security/hackers-actively-exploiting-severe-bug-in-over-300k-wordpress-sites/

Hackers are actively exploiting a critical remote code execution vulnerability allowing unauthenticated attackers to upload scripts and execute arbitrary code on WordPress sites running vulnerable File Manager plugin versions.

On the morning of September 1, Arsys's Gonzalo Cruz was the first to discover the flaw and the fact that it was already being exploited by attackers to upload malicious PHP files onto vulnerable websites.