SECURITY ANNOUNCEMENT - WordPress Revolution Slider Serious Vulnerability
Monday, 15th December, 2014
Yesterday we disclosed a large malware campaign targeting and compromising over 100,000 WordPress sites
, and growing by the hour. It was named SoakSoak due to the first domain used in the malware redirection path (soaksoak.ru).
After a bit more time investigating this issue, we were able to confirm that the attack vector is the RevSlider plugin.
All our clients who have a WordPress site management contract with us have already been updated to the latest version.
All other clients are asked to update their Revolution Slider plugin to version 4.2 or greater, which resolves the issue, as soon possible. Not doing so will risk your site being hacked.