Malware exploiting WordPress: “RevSlider”

Many WordPress sites are currently vulnerable to attack through a plugin known as “RevSlider”, this is a premium plugin often bundled with themes (so you may not have installed it yourself!)

This exploit is known as “SoakSoak” named after the first domain used in the redirection path, it is believed have compromised several hundred thousand WordPress installs and we’re seeing a very active campaign to exploit this vulnerability.

You can read more about the vulnerability and the attack on securi.net, we urge all users to upgrade the plugin to at least version 4.6 and contact the developers of any themes that may use this to get upgraded versions.

Leave a Reply

Your email address will not be published.