The hacker claims to have found a way to upload a malicious shell via the CopySafe Web Protection plugin.
WordPress is used by thousands of websites, and the CopySafe Web Protection plugin is used by WordPress users, as this allows them to grant their users the following capabilities:
- Copy Protecting Images
- Protecting all web page media
- Copy Protecting Flash, PDF and video online