HostMonster Web Hosting Help

Emergency WordPress Plugin Update: Slider Revolution

The WordPress plugin; Slider Revolution, versions prior to 4.2, has been found to be vulnerable to unauthenticated file access. This means that hackers are able to use this plugin to access any content on your hosting account, e.g. config files containing passwords. On September 3rd 2014 we attempted to force upgrade all instances of the plugin, however due to the way this plugin has been designed we were unable to force the upgrade.

Is my WordPress installation vulnerable?

You will need to confirm that you are running, at least, version 4.2 of the Slider Revolution plugin. Because this plugin has been packaged with many themes you will need to check for theme updates as well as for an update for the plugin.

Updating the Plugin:

  • Login to your WordPress Dashboard.
  • Open the Slider Revolution backend.
  • Locate the Update button, should be in the lower right corner.
    Slider Revolution
    Image Source: screencast.com/t/HmPjxmf2pq9v

Updating the Theme:
A list of exploited themes has been compiled by Sucuri. For updated versions of your theme you will want to check with the theme vendor for an updated version.

How can I protect myself from future exploits?

The best thing to do is to keep your software up to date. Frequently checking for and applying core software (e.g. WordPress) updates as well as Plugin and Theme updates will help keep your software secure. You may also want to look into using a security service such as SiteLock or CloudFlare

Knowledgebase Article 11,030 views bookmark tags: hack wordpress (updated 264 days ago)


Was this resource helpful?

Did this resolve your issue?


Please add any other comments or suggestions about this content:





Recommended Help Content

Why we had to update the WordPress Plugin: MailPoet (updated 308 days ago)
Knowledgebase Article 6,719 views tags: mailpoet security wordpress

Explanation of the Social PNG hack (updated 102 days ago)
Knowledgebase Article 5,300 views tags: hack security wordpress

Install Plugins These steps will help you install and select a WordPress plugin for your blog. Inside the WordPress Dashboard, select the Add New link from the Plugins menu. You can search for a plug (updated 57 days ago)
Getting Started Article 102,680 views tags: blog install link plugin wordpress

Related Help Content

A guide on how to update your WordPress plugins (updated 34 days ago)
Knowledgebase Article 45,282 views tags: plugins wordpress

Uninstall a WordPress Plugin (updated 84 days ago)
Knowledgebase Article 1,361 views tags: security wordpress

How to install and configure the W3 Total Cache WordPress Plugin (updated 832 days ago)
Knowledgebase Article 7,875 views tags: cache wordpress

This article explains how to deactivate, change or delete themes and plugins on a WordPress site without the dashboard. (updated 43 days ago)
Knowledgebase Article 1,315 views tags: access dashboard deactivate disable plugin plugins theme themes wordpress

How to install and configure the WP Super Cache plugin for your wordpress blog (updated 393 days ago)
Knowledgebase Article 7,589 views tags: cache wordpress

My Wordpress site is slow or seems down. (updated 1475 days ago)
Knowledgebase Article 70,399 views tags: wordpress

If you have a WordPress blog hosted on wordpress.com, you can easily export it and import it to WordPress that is installed on your hosting account with hostmonster. Login to the WordPress D (updated 49 days ago)
Getting Started Article 244,226 views tags: blog export file import wordpress

How to enable the function to manually update AwStats (updated 981 days ago)
Knowledgebase Article 134,632 views tags: awstats logs manual statistics stats update