Last updated by at .

WARNING: WordPress Slider Revolution Plugin Vulnerability

by Feynman Group

Posted on 2014-09-09 21:28:29


Wordpress hackingA serious security vulnerability has been discovered in two prevalent plugins, Slider Revolution and Showbiz Pro (WordPress). Considering these popular plugins are distributed through many popular WordPress themes from ThemeForest and sold directly on CodeCanyon, an abundance of websites can be expected to be at risk.

What it Does

According to the security blog Sucuri, due to the vulnerability, remote hackers are able to gain access into the servers of any site using outdated versions of these plugins. This includes versions of Slider Revolution earlier than 4.2 (released February 2014) and versions of Showbiz Pro earlier than 1.5.3 (released January 2014). In other words, as long as your plugins are updated to these versions, your website will be safe.

How Do I Know if I’m at Risk?

If You Purchased a Theme from ThemeForest

In response to the vulnerability, Envato contacted each theme’s authors and created a list of potentially affected themes. Check here to see if any of the themes you use are at risk. For users’ convenience, Envato organized the list in two sub-categories: (1) Themes yet to offer a secure update and (2) Themes already offering a secure update.

1. Login to your WordPress Admin site
2. Click on the Plugins link in the sidebar
3. Find the Showbiz Pro and Slider Revolution from plugin
4. The version number will appear on the second line of the Description column (as seen below)
Check your WordPress Admin

You can also check your plugin version directly by following these steps:

Now what?

This vulnerability is a very serious concern. It has the potential to cause havoc on company websites and allow hackers to download virtually any information they want.

For our clients, we have begun manually updating their WordPress Plugins to ensure quality control. However, if your company is in need of protection, don’t hesitate to reach out to Feynman Group and let our expert web developers give you the security you deserve.

For additional information, hop on over here for step-by-step guides to manually update your WordPress Plugins.

 


Contact Us

Feynman Group Logo
info@feynmangroup.com

1177 Pearl St.
Eugene, OR 97401
541.342.5531

107 SE Washington Street, Suite 160
Portland, OR 97214
971.254.9922