HostMonster Web Hosting Help

Emergency WordPress Plugin Update: Slider Revolution

The WordPress plugin; Slider Revolution, versions prior to 4.2, has been found to be vulnerable to unauthenticated file access. This means that hackers are able to use this plugin to access any content on your hosting account, e.g. config files containing passwords. On September 3rd 2014 we attempted to force upgrade all instances of the plugin, however due to the way this plugin has been designed we were unable to force the upgrade.

Is my WordPress installation vulnerable?

You will need to confirm that you are running, at least, version 4.2 of the Slider Revolution plugin. Because this plugin has been packaged with many themes you will need to check for theme updates as well as for an update for the plugin.

Updating the Plugin:

  • Login to your WordPress Dashboard.
  • Open the Slider Revolution backend.
  • Locate the Update button, should be in the lower right corner.
    Slider Revolution
    Image Source: screencast.com/t/HmPjxmf2pq9v

Updating the Theme:
A list of exploited themes has been compiled by Sucuri. For updated versions of your theme you will want to check with the theme vendor for an updated version.

How can I protect myself from future exploits?

The best thing to do is to keep your software up to date. Frequently checking for and applying core software (e.g. WordPress) updates as well as Plugin and Theme updates will help keep your software secure. You may also want to look into using a security service such as SiteLock or CloudFlare

Knowledgebase Article 12,037 views bookmark tags: hack wordpress (updated 328 days ago)


Was this resource helpful?

Did this resolve your issue?


Please add any other comments or suggestions about this content:





Recommended Help Content

Why we had to update the WordPress Plugin: MailPoet (updated 371 days ago)
Knowledgebase Article 7,619 views tags: mailpoet security wordpress

Explanation of the Social PNG hack (updated 165 days ago)
Knowledgebase Article 6,321 views tags: hack security wordpress

Install Plugins These steps will help you install and select a WordPress plugin for your blog. Inside the WordPress Dashboard, select the Add New link from the Plugins menu. You can search for a plug (updated 120 days ago)
Getting Started Article 105,630 views tags: blog install link plugin wordpress

Related Help Content

A guide on how to update your WordPress plugins (updated 97 days ago)
Knowledgebase Article 49,535 views tags: plugins wordpress

Uninstall a WordPress Plugin (updated 147 days ago)
Knowledgebase Article 2,157 views tags: security wordpress

How to install and configure the W3 Total Cache WordPress Plugin (updated 895 days ago)
Knowledgebase Article 9,287 views tags: cache wordpress

This article explains how to deactivate, change or delete themes and plugins on a WordPress site without the dashboard. (updated 105 days ago)
Knowledgebase Article 3,265 views tags: access dashboard deactivate disable plugin plugins theme themes wordpress

How to install and configure the WP Super Cache plugin for your wordpress blog (updated 455 days ago)
Knowledgebase Article 8,879 views tags: cache wordpress

This article will explain how to manage WordPress plugins and themes using Wordpress Tools. (updated 9 hours ago)
Knowledgebase Article 5 views tags: plugins themes wordpress wordpresstools

How to update your WordPress site, using the WordPress tools (updated 9 hours ago)
Knowledgebase Article 3 views tags: upgrade wordpresstools

My Wordpress site is slow or seems down. (updated 1538 days ago)
Knowledgebase Article 72,383 views tags: wordpress