HostMonster Web Hosting Help

Emergency WordPress Plugin Update: Slider Revolution

The WordPress plugin; Slider Revolution, versions prior to 4.2, has been found to be vulnerable to unauthenticated file access. This means that hackers are able to use this plugin to access any content on your hosting account, e.g. config files containing passwords. On September 3rd 2014 we attempted to force upgrade all instances of the plugin, however due to the way this plugin has been designed we were unable to force the upgrade.

Is my WordPress installation vulnerable?

You will need to confirm that you are running, at least, version 4.2 of the Slider Revolution plugin. Because this plugin has been packaged with many themes you will need to check for theme updates as well as for an update for the plugin.

Updating the Plugin:

  • Login to your WordPress Dashboard.
  • Open the Slider Revolution backend.
  • Locate the Update button, should be in the lower right corner.
    Slider Revolution
    Image Source: screencast.com/t/HmPjxmf2pq9v

Updating the Theme:
A list of exploited themes has been compiled by Sucuri. For updated versions of your theme you will want to check with the theme vendor for an updated version.

How can I protect myself from future exploits?

The best thing to do is to keep your software up to date. Frequently checking for and applying core software (e.g. WordPress) updates as well as Plugin and Theme updates will help keep your software secure. You may also want to look into using a security service such as SiteLock or CloudFlare

Knowledgebase Article 11,684 views bookmark tags: hack wordpress (updated 304 days ago)


Was this resource helpful?

Did this resolve your issue?


Please add any other comments or suggestions about this content:





Recommended Help Content

Why we had to update the WordPress Plugin: MailPoet (updated 347 days ago)
Knowledgebase Article 7,250 views tags: mailpoet security wordpress

Explanation of the Social PNG hack (updated 141 days ago)
Knowledgebase Article 5,948 views tags: hack security wordpress

Install Plugins These steps will help you install and select a WordPress plugin for your blog. Inside the WordPress Dashboard, select the Add New link from the Plugins menu. You can search for a plug (updated 96 days ago)
Getting Started Article 104,438 views tags: blog install link plugin wordpress

Related Help Content

A guide on how to update your WordPress plugins (updated 73 days ago)
Knowledgebase Article 48,803 views tags: plugins wordpress

Uninstall a WordPress Plugin (updated 123 days ago)
Knowledgebase Article 1,869 views tags: security wordpress

How to install and configure the W3 Total Cache WordPress Plugin (updated 871 days ago)
Knowledgebase Article 8,769 views tags: cache wordpress

This article explains how to deactivate, change or delete themes and plugins on a WordPress site without the dashboard. (updated 82 days ago)
Knowledgebase Article 2,372 views tags: access dashboard deactivate disable plugin plugins theme themes wordpress

How to install and configure the WP Super Cache plugin for your wordpress blog (updated 432 days ago)
Knowledgebase Article 8,373 views tags: cache wordpress

My Wordpress site is slow or seems down. (updated 1514 days ago)
Knowledgebase Article 71,768 views tags: wordpress

If you have a WordPress blog hosted on wordpress.com, you can easily export it and import it to WordPress that is installed on your hosting account with hostmonster. Login to the WordPress D (updated 88 days ago)
Getting Started Article 248,983 views tags: blog export file import wordpress

How to enable the function to manually update AwStats (updated 1020 days ago)
Knowledgebase Article 135,869 views tags: awstats logs manual statistics stats update