Background

Security Alert: Risks Associated With the WP File Manager Plugin

BulletinWordPress 120 Pro Radio WordPress Theme February 19, 2026

AD
Bulletin WordPress
add

Important clarification: WP File Manager is NOT a Pro Radio plugin and is not developed, distributed, or maintained by our team. It is a third-party plugin that some users install independently to edit server files from WordPress.

We are publishing this alert because several hacked customer websites were recently traced back to the use of the WP File Manager plugin.

Why this matters

WP File Manager is a popular plugin that allows direct file editing inside WordPress. While convenient, this type of plugin creates a very sensitive attack surface because it exposes filesystem access directly through the browser.

  • The plugin has not received updates for several months
  • Public user reports mention security incidents
  • File manager plugins are historically a common entry point for malware

If your website is compromised, the cause is very likely unrelated to Pro Radio itself but instead to vulnerable plugins or weak security practices.

How to recognize a hacked website

The most common symptom reported is the appearance of posts or pages that you never created. Other indicators may include unknown admin users, strange redirects, or unexpected SEO links.

Immediate actions to secure your site

  • Disable and remove WP File Manager
  • Delete any suspicious or unwanted posts
  • Change all WordPress passwords and verify there are no unknown administrators
  • Run a forced WordPress update to rewrite core files
  • Install Wordfence and enable two-factor authentication
  • Inside Wordfence login security, enable Disable XMLRPC authentication
  • Reinstall Pro Radio WP Theme (just upload your latest theme zip version, to clear possible compromised files, as hackers tend to hide code in the theme files)

Pro Radio security status

Pro Radio is actively maintained and receives frequent updates and security patches.
If your website is running the latest version of Pro Radio, the theme itself is considered safe and regularly audited.

  • Monthly updates and security maintenance
  • Compatibility fixes with Elementor security changes
  • Continuous performance and stability improvements

We strongly recommend running at least Pro Radio 8.4 or newer, as this includes important security improvements. The current version is 8.5.

If your access to Updates and Support expired, feel free to contact us here.

Final recommendation

Avoid installing file manager plugins unless strictly necessary. When server access is required, using FTP or hosting file managers is significantly safer.

Keeping WordPress, plugins, and Pro Radio updated is the single most effective protection against security incidents.

AD
Share on

Previous

Next

You may also like

Login to enjoy full advantages

Please login or subscribe to continue.

Go Premium!

Enjoy the full advantage of the premium access.

Stop following

Unfollow Cancel

Cancel subscription

Are you sure you want to cancel your subscription? You will lose your Premium access and stored playlists.

Go back Confirm cancellation