Tagged: revolution slider vulnerability
- This topic has 6 replies, 3 voices, and was last updated 10 years, 2 months ago by Theme Horse Support Team.
-
AuthorPosts
-
September 4, 2014 at 4:03 am #13573KristinaParticipant
I was notified by by my web hosting provider that there is a critical issue with the Revolution Slider. The warning is that there is a bug in the plugin that allows hackers to go into a site and hyjack/destroy files.
Here is the information:
http://blog.sucuri.net/2014/09/slider-revolution-plugin-critical-vulnerability-being-exploited.html
I can not deactivate the slider as it is embedded in the theme. Is there an update to Attitude Pro that has version 4.2 of the Revolution Slider plugin available?
My current fix is to deactivate and redo my entire site on another theme to protect myself from the vulnerability. Please advise as to what Theme Horse is doing to respond to this vulnerability.
Here is the email from my web provider:
We wanted to let you know about a recent security vulnerability regarding the Slider Revolution Plugin for WordPress that you installed on your account. We’ve identified an insecure version of that plugin on your website:
More information about this vulnerability is available online:
http://blog.sucuri.net/2014/09/slider-revolution-plugin-critical-vulnerability-being-exploited.htmlFOR YOUR PROTECTION …
We’ve disabled the Slider Revolution Plugin for the website referenced above and encourage you to upgrade it to a safe version before re-enabling it.We also strongly encourage you to change your WordPress password. This particular vulnerability exposes login credential information, and to be safe, it’s best that you change your password.
To be clear, the FatCow platform was not compromised; as the security vulnerability regarding the Slider Revolution Plugin for WordPress became known, we simply took immediate steps to ensure the online safety of all our customers.
If you have any questions at all, please don’t hesitate to contact us:
http://www.fatcow.com/support/contact.bml
Sincerely,
The FatCow TeamSeptember 4, 2014 at 6:23 am #13584Jeff PayneParticipantAn update has been released on the securi blog from themepunch. Stating the vulnerability was noted and fixed in version 4.2. http://blog.sucuri.net/2014/09/slider-revolution-plugin-critical-vulnerability-being-exploited.html. Can Themehorse release or install the autoupdater for slider revolution which will help keep such vulnerabilities to a minimum.
September 4, 2014 at 2:47 pm #13618KristinaParticipantThanks Jeff. That was more succinct than my post :-). And, exactly what I would like.
September 5, 2014 at 5:32 am #13642Theme Horse Support TeamKeymasterHi all,
We have updated new version of revolution slider. So please update your theme.
Thank you!
September 5, 2014 at 7:36 pm #13671KristinaParticipantThanks. What is the new version number, please? When I download from my account I get 1.6.
September 5, 2014 at 8:03 pm #13674KristinaParticipantNo need to respond… I solved my own issue. The update ran smoothly, so thanks for getting that out so quickly.
September 8, 2014 at 5:09 am #13722Theme Horse Support TeamKeymasterOk that’s great Kristina.
Thank you!
-
AuthorPosts
- You must be logged in to reply to this topic.