Digital experiences for all disciplines
New Landing › How can we help? › Themeforest Theme Support › Neighborhood › Slider Revolution Premium Plugin – Hacking Issues
New Landing › How can we help? › Themeforest Theme Support › Neighborhood › Slider Revolution Premium Plugin – Hacking Issues
- This topic has 34 replies, 3 voices, and was last updated 10 years by Mohammad – SUPPORT.
-
Posted in: Neighborhood
-
December 22, 2014 at 2:13 am #137056
Hi,
I received an email from BlueHost about the Slider Revolution Premium Plugin hacking issues and have been advised to upgrade to version 4.6.5 by 28 Dec 2014 or else my site will be blacklisted.
Even though I believe the issue/s affect/s versions prior to 4.2 (I have version 4.3.1), I have been advised by BlueHost to upgrade or ask you for a patch.
As the Slider came with my Neighbourhood theme and I’m not a coder/developer, I’m not sure what I have to do.
Can you please help me.
Warm wishes, KT
______________Full email from BlueHost:
Slider Revolution Premium Plugin has released a new verison 4.6.5 for their plugin. A recent hack has been found in older versions of this plugin that allows an attacker to download any file from your hosting account, such as the configuration file containing the database passwords. Once the attacker has this information the attacker can comprise your website via the database.
This vulnerability is being exploited currently which is causing numerous domains to become blacklisted by Google. For additional details please refer to this link http://blog.sucuri.net/2014/12/soaksoak-malware-compromises-100000-wordpress-websites.html
Your account was found to have the Slider Revolution Premium Plugin. Due to the vulnerability this creates to your website and our servers we strongly recommend that you upgrade this plugin to the most recent version 4.6.5. We also strongly recommend that you update all of your plugins and themes as the Slider Revolution Plugin is included in a number of other themes and plugins. It is strongly recommend you update your WordPress installation(s) to the most current version at this time as well.
** If the Slider Revolution Premium Plugin is not updated by 28 December 2014 we will be forced to disable the plugin in order to protect our servers from being blacklisted. **
The easiest way to resolve this is to log into your WordPress admin control panel and click on Plugins (located on the left panel). Scroll down and find Slider Revolution Plugin in the list, the version number will be listed in the description. If a WordPress plugin update is available, it will be shown on the Dashboard Panel, an alert on the Plugin’s menu title, and on the Plugin List. You can also refer to our Knowledge Base article https://my.bluehost.com/hosting/help/emergency-wordpress-plugin-update-slider-revolution for directions on updating the plugin.
For more information please visit: http://blog.sucuri.net/2014/09/slider-revolution-plugin-critical-vulnerability-being-exploited.html
December 22, 2014 at 8:39 am #137081Hi
You can get the latest version from here: http://www.swiftideas.com/forums/topic/revolution-slider-latest-version-2/page/2/#post-135386
– Kyle
December 22, 2014 at 8:46 am #137087Hi Kyle,
Will this version work with the Neighbourhood theme?
How do I install it?
Many thanks 🙂
KTDecember 22, 2014 at 8:50 am #137090Yes sure 🙂
You need to use FTP to upload the new version
– Kyle
December 22, 2014 at 8:57 am #137095Hi Kyle,
Sorry to ask for more detail…
So, in WordPress, I’ve gone to Revolution Slider, scrolled the bottom and clicked on Manual Plugin Update, clicked on Chosen File (rev_slider.zip) and clicked on Update Plugin.
Is that right? It’s taking a long time…
Warm wishes,
KTDecember 22, 2014 at 9:01 am #137096I’ve never actually tried it that way.
The best method is to use an FTP program such as filezilla, then log into your host using the FTP details provided by them. Navigate to your wp-content/plugins folder and upload the new files.
If this is too tricky for you then you can delete the plugin from you WP admin and upload the new version
– Kyle
December 22, 2014 at 9:47 am #137119Hi Kyle,
My method didn’t work. I got this message:
“Update Error: Wrong update extracted folder. The file: /home7/jeanbagc/public_html/wp-content/plugins/revslider/temp/update_extract/revslider/revslider.php not found.
Please update the plugin manually via the ftp”I’ve followed your instructions. I think I’ve overwritten the wp-content/plugins/revslider by uploading the rev_slider.zip to the plugins folder. But, how do I see that I have 4.6.5 uploaded in the WordPress backend?
Cheers,
KTDecember 22, 2014 at 9:48 am #137121There’s a version number on the rev slider main page in the bottom corner, also in your plugins list
– Kyle
December 22, 2014 at 9:53 am #137126It still says I’m running Version 4.3.1. I even logged out of WP and logged back in to check if it needed a refresh in order to show the updated plugin…
I’ve attached a screen grab of the backend of my BlueHost account to show that I clicked on public_html/wp-content/plugins and then ‘upload’ to upload the rev_slider.zip.
What do you think I’m doing wrong/missing?
Cheers,
KTAttachments:
You must be logged in to view attached files.December 22, 2014 at 9:54 am #137129You need to extract the .zip file
– Kyle
December 22, 2014 at 10:01 am #137134I clicked on the .zip file I uploaded and then clicked on Extract and it created the folder _MACOSX with the rev slider inside it. Now it looks like I’ve got two rev slider folders?
Screens attached.
Attachments:
You must be logged in to view attached files.December 22, 2014 at 10:12 am #137142That’s odd, delete the old revslider folder, and then ‘move’ the new one outside of the _MACOSX folder.
– Kyle
December 22, 2014 at 10:24 am #137151Delete this one? Even though it looks like it’s been updated today? I checked the date on the files and they’re older than the 4.6.5 version I downloaded today. (screen attached)
Attachments:
You must be logged in to view attached files.December 22, 2014 at 10:28 am #137154…. most of the folders in _MACOSX seem to be empty… I don’t want to use this to replace the other one… (screen attached)
Attachments:
You must be logged in to view attached files.December 22, 2014 at 10:29 am #137156_MACOSX is an empty file which is uploaded when you upload from a Mac, you can just delete it
– Kyle
-
Posted in: Neighborhood
You must be logged in and have valid license to reply to this topic.