RevSlider Plugins Vulnerability for Wordpress - Powered by Kayako Help Desk Software

Knowledgebase

7Downloads 11General Support 3Security 17Email Support 10FTP Support 1Mysql Support 3Domain Transfer 1Application Setting for Windows Server 4Tutorial Content Delivery Network

Knowledgebase: Security

RevSlider Plugins Vulnerability for Wordpress

Posted by Technical Manager, Last modified by Technical Manager on 23 April 2015 11:36 AM

Currently there are newly active vulnerability for wordpress related with revslider plugin. This plugins is a premium plugin but some user does not aware about it because some themes already bundled with it.

Attack sequence.

1. Discovery. Normally the bot will try to find vulnerable version of the plugins.

2. Exploit. It will use the script to upload malicious theme to the site

3. Take over. If the exploit successful it will inject Fileman backdoor.

Recommendation :

Install sucuri scanner plugin inside the worpress and scan the wordpress blog for vulnerability.

https://wordpress.org/plugins/sucuri-scanner/

(0 vote(s))

Helpful

Not helpful

Comments (0)

Post a new comment Reply to comment
Post a new comment Reply to comment

Full Name:
Email:
Comments:

CAPTCHA Verification
CAPTCHA Verification

Please enter the text you see in the image into the textbox below (we use this to prevent automated submissions).

iWHOST Support System