December 16, 2014 at 11:12 pm #101262
Hi Anna, I just received this email from my hosting company, please advise
Important Notice: Update required for revslider
Justhost.com <[email protected]>
Slider Revolution Premium Plugin has released a new verison 4.6.5 for their plugin. A recent hack has been found in older versions of this plugin that allows an attacker to download any file from your hosting account, such as the configuration file containing the database passwords. Once the attacker has this information the attacker can comprise your website via the database.
This vulnerability is being exploited currently which is causing numerous domains to become blacklisted by Google. For additional details please refer to this link http://blog.sucuri.net/2014/12/soaksoak-malware-compromises-100000-wordpress-websites.html
Your account was found to have the Slider Revolution Premium Plugin. Due to the vulnerability this creates to your website and our servers we strongly recommend that you upgrade this plugin to the most recent version 4.6.5. We also strongly recommend that you update all of your plugins and themes as the Slider Revolution Plugin is included in a number of other themes and plugins. It is strongly recommend you update your WordPress installation(s) to the most current version at this time as well.
** If the Slider Revolution Premium Plugin is not updated by 28 December 2014 we will be forced to disable the plugin in order to protect our servers from being blacklisted. **
The easiest way to resolve this is to log into your WordPress admin control panel and click on Plugins (located on the left panel). Scroll down and find Slider Revolution Plugin in the list, the version number will be listed in the description. If a WordPress plugin update is available, it will be shown on the Dashboard Panel, an alert on the Plugin’s menu title, and on the Plugin List. You can also refer to our Knowledge Base article https://my.justhost.com/hosting/help/emergency-wordpress-plugin-update-slider-revolution for directions on updating the plugin.
For more information please visit: http://blog.sucuri.net/2014/09/slider-revolution-plugin-critical-vulnerability-being-exploited.html
- This topic was modified 2 years, 10 months ago by jamesg371.
December 17, 2014 at 9:29 am #101266
Thank you for your message.
The update of Revolution Slider was released only a few days ago and they didn’t mention any vulnerability features in the release notes.
Please provide a gmail or yahoo email address and we will send you the update.
You can open a ticket in our ticket system http://support.wpestate.org/, all information provided there will be private.
You must be logged in to reply to this topic.