• Skip to primary navigation
  • Skip to main content
  • Skip to footer
WPSecurityLock – Malware removal & WordPress security services

WPSecurityLock – Malware removal & WordPress security services

WordPress security, malware removal, repair, backups, ongoing maintenance, installation, site migration & support services – WP Security Lock.

  • Facebook
  • LinkedIn
  • Twitter
  • Home
  • About
    • About Us
    • Speaker Information
    • Contact Us by Phone, Email or Live Chat
    • Testimonials
  • Security Services
    • Malware / Virus Removal
    • WordPress Security and Installation Services
    • Monthly Security Packages
    • SSL Conversion Service (HTTP to HTTPS)
  • Blog
  • Resources
  • Contact
  • SafeWP

RevSlider Vulnerability Leads to Thousands of Sites Hacked

December 16, 2014 By Michele Butcher Leave a Comment

Google has blacklisted over 11,000 websites as of Sunday due to the SoakSoak attack. Hackers are using the RevSlider hole to infect sites with the malware. It has been reported that over 100,000 websites has this vulnerability. It comes in through the hole of the RevSlider plugin, uploads its own backdoor to your site, then infects everything on the server. If a site is on a shared hosting and does not use RevSlider, it could still become infected due to other sites hosted on the same server. Any version below 4.2 is a security threat and should be updated immediately. Right now they are at version 4.6.5.

The RevSlider plugin is very popular. It is built in many themes from Envato's Marketplace-CodeCanyon. Many of their themes have it bundled in and consumers do not realize to look for the plugin. Some are still running the same version of RevSlider as what was built in the the theme.  It has also been a stand alone plugin that many have used. The vulnerability was patched back in February but many WordPress users have not updated yet. This is what has caused the major hack attack.

How to fix the RevSlider Vulnerability

Update. If you have the plugin as a stand-alone please update it now.

Check your theme. If you are using an Envato theme please check it for the RevSlider plugin. Many of the themes you can purchase from CodeCanyon has them bundled into the theme.

Do not try to just delete the infected files. It will not close the backdoor and your site will get infected again. We are here to help you get your site clean and secure.

 

WPSecurityLock’s team are experts at finding and fixing malicious code on WordPress sites and plugins.  If you think your site has been hacked, we can remove malware. If you need repair services, such as updating plugins like RevSlider, we offer a full range of WordPress repair services.  These services are also included in many of our WordPress monthly security packages, which include site monitoring, plugin updates and provide you with peace of mind.

If you need help with updating to WordPress 3.9 or have any questions, please contact us immediately at 815-600-7270 or add a comment below!!

Filed Under: Bugs & Vulnerabilities, Malware and Virus Alerts, Security News, WordPress Security Tips, WordPress Themes, WP Security Lock News Tagged With: hacked, malware attack, plugin vulnerability, RevSlider, theme vulnerability, WordPress

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Let’s work together:

Get in touch with us and send some basic info about your project. Don't be shy, we can help with just about anything.

Contact Us!

Footer

  • Facebook
  • LinkedIn
  • Twitter

Contact

Call 815-600-7270
Contact
Mo,Tu,We,Th,Fr 9:00 am – 5:00 pm

Get WordPress Help Now

Chat With Us!
Submit A Support Ticket

Copyright © 2025 | WP Security Lock, Inc