HostMonster Web Hosting Help

Emergency WordPress Plugin Update: Slider Revolution

The WordPress plugin; Slider Revolution, versions prior to 4.2, has been found to be vulnerable to unauthenticated file access. This means that hackers are able to use this plugin to access any content on your hosting account, e.g. config files containing passwords. On September 3rd 2014 we attempted to force upgrade all instances of the plugin, however due to the way this plugin has been designed we were unable to force the upgrade.

Is my WordPress installation vulnerable?

You will need to confirm that you are running, at least, version 4.2 of the Slider Revolution plugin. Because this plugin has been packaged with many themes you will need to check for theme updates as well as for an update for the plugin.

Updating the Plugin:

  • Login to your WordPress Dashboard.
  • Open the Slider Revolution backend.
  • Locate the Update button, should be in the lower right corner.
    Slider Revolution
    Image Source: screencast.com/t/HmPjxmf2pq9v

Updating the Theme:
A list of exploited themes has been compiled by Sucuri. For updated versions of your theme you will want to check with the theme vendor for an updated version.

How can I protect myself from future exploits?

The best thing to do is to keep your software up to date. Frequently checking for and applying core software (e.g. WordPress) updates as well as Plugin and Theme updates will help keep your software secure. You may also want to look into using a security service such as SiteLock or CloudFlare

Knowledgebase Article 9,346 views bookmark tags: hack wordpress (updated 225 days ago)


Was this resource helpful?

Did this resolve your issue?


Please add any other comments or suggestions about this content:





Recommended Help Content

Why we had to update the WordPress Plugin: MailPoet (updated 270 days ago)
Knowledgebase Article 6,046 views tags: mailpoet security wordpress

Explanation of the Social PNG hack (updated 64 days ago)
Knowledgebase Article 3,524 views tags: hack security wordpress

Install Plugins These steps will help you install and select a WordPress plugin for your blog. Inside the WordPress Dashboard, select the Add New link from the Plugins menu. You can search for a plug (updated 19 days ago)
Getting Started Article 100,535 views tags: blog install link plugin wordpress

Related Help Content

Uninstall a WordPress Plugin (updated 46 days ago)
Knowledgebase Article 774 views tags: security wordpress

How to install and configure the W3 Total Cache WordPress Plugin (updated 794 days ago)
Knowledgebase Article 6,484 views tags: cache wordpress

This article explains how to deactivate, change or delete themes and plugins on a WordPress site without the dashboard. (updated 4 days ago)
Knowledgebase Article 164 views tags: access dashboard deactivate disable plugin plugins theme themes wordpress

How to install and configure the WP Super Cache plugin for your wordpress blog (updated 354 days ago)
Knowledgebase Article 6,592 views tags: cache wordpress

How to update WordPress Plugins (updated 1394 days ago)
Knowledgebase Article 34,973 views tags: plugins wordpress

My Wordpress site is slow or seems down. (updated 1436 days ago)
Knowledgebase Article 68,130 views tags: wordpress

If you have a WordPress blog hosted on wordpress.com, you can easily export it and import it to WordPress that is installed on your hosting account with hostmonster. Login to the WordPress D (updated 11 days ago)
Getting Started Article 238,105 views tags: blog export file import wordpress

How to enable the function to manually update AwStats (updated 943 days ago)
Knowledgebase Article 132,615 views tags: awstats logs manual statistics stats update