IMPORTANT!! REVSLIDER UPDATE.

[Swift Ideas – Ed]

Hey all,

We’ve just been made aware of a security issue with the Revolution Slider plugin, see below the email we received from Sucuri Security:

We’re emailing you to alert you to a serious vulnerability in the WordPress Slider Revolution premium plugin. The developer behind the popular plugin patched the vulnerability silently, meaning that, if you are running WordPress Slider Revolution, you have probably not yet heard that you must update as soon as possible.

This is a very serious vulnerability known as a Local File Inclusion (LFI) attack. It allows a user to retrieve data from files on your server. An example of such an attack would be pulling your WordPress wp-config.php file and using the credentials in that file to exploit your database and gain access to your website. If you use this plugin, please update immediately. If you’d like to learn more about the vulnerability, you can read about it on our blog.

Clients using our Website Firewall product are already being protected against this vulnerability.

Please update to the latest version of the plugin here: http://d.pr/f/gBzJ/1CyRstcw

Sucuri blog post link: http://blog.sucuri.net/2014/09/slider-revolution-plugin-critical-vulnerability-being-exploited.html

– Ed

[fotogarcia]

How can I update the slider from within wordpress – the update doesn’t appear there?

[Swift Ideas – Ed]

Go to the Revolution Slider panel in your WordPress admin, and then click the “Manual Update Plugin” button in the bottom right corner: https://www.dropbox.com/s/o43lqlhdy3yu36i/Screenshot%202014-09-04%2002.10.01.png?dl=0

– Ed

[FlawlessWeb]

Sigh. This explains a lot.

Bought a theme from themeforest over a year ago (not a Swift Ideas one obviously) that had Revolution Slider bundled in. Just checked and it has never been updated in theme upgrades – Version 4.02 is installed.

For the past few months I have been getting all kinds of intrusion attempts, failed logins etc on the site and I could never figure out why. This would explain it.

[Kyle – SUPPORT]

Yeah likely to be the issue, make sure you update. Also look for updates every now and then on here: http://support.swiftideas.net/forums/topic/revolution-slider-latest-version-2/page/2/

– Kyle

[FlawlessWeb]

Yea, just updated it there to the latest version.

Hopefully that resolves the security issues I was having with that site.

[Kyle – SUPPORT]

great 🙂

[keldunto]

I’ll get an error when manual updating,
404 page not found (from my own site http://www.wijzijncvn.nl )

Does somebody know how to manual update using ftp without losing any settings and slider?

Greetzzz

[Rui Guerreiro – SUPPORT]

This reply has been marked as private.

[keldunto]

somebody?

[Rui Guerreiro – SUPPORT]

Hi replied you in private reply but since you are not the topic author you can’t see it.

Do ever used FileZilla to transfer files via ftp?

If not please open a new ticket and provide us ftp access so we can do it for you.
Please use the private reply option.

-Rui

[keldunto]

Thank you Rui

I understand now the private marking 😉

But yes I do know how to work with Filezilla.
Can i just overwrite the files?
I am a little insecure because i don’t want to lose all settings etc.

Thank you!

[zast]

This reply has been marked as private.

[westcoastsurf]

Please update to the latest version of the plugin here: http://d.pr/f/gBzJ/1CyRstcw

that link does not work.

[zast]

Bad … 🙁
I haven’t update buttom … I upload by ftp and now all my site is blank 🙁

Edit after 🙂 :

Now it’s ok :). You must desactivate the plugin and after you can reactivate . The site rework