WordPress’ popular plugin File Manager (versions 6.0-6.8) contains a vulnerability that allows an attacker to upload files and execute commands. Indicators of compromise include filenames such as “hardfork.php”, “hardfind.php” and “x.php”.
The root of this problem is connector.minimal.php, which is due to a recent name change and executes directly — allowing the upload of malicious files on affected webservers. You can mitigate this vulnerability by updating to version 6.9.
Source: Portswigger