A security flaw in a popular WordPress plugin called WordPress Download Manager has now been fixed. The flaw allowed hackers to run and upload malicious files on the websites that ran the plugin.