Knowledgebase

Wordpress Upload Vulenribility revslider.zip

Posted by SAHostKing, 04-30-2015, 10:46 AM
Hi guys, I'm noticing quite a few sites with a weird issue. They have this file revslider.zip in the following folder: /wp-content/plugins/revslider/temp/update_extract/ within the folder is weird folders with .sh files . Anyway I can get around this? or block these files from being uploaded through wordpress. Mod security rule?
Posted by Luke@Hostirian, 04-30-2015, 11:59 AM
Doing some researching on this, I found this page which may be helpful: https://blog.sucuri.net/2014/12/anal...-backdoor.html
Posted by khunj, 05-01-2015, 10:32 AM
You can try to block direct access to a script in the /update_extract/ folder, but forcing your users to upgrade their Revolution Slider plugin ASAP is the best thing to do. This hack has been around for 6 months already.
Posted by SneakySysadmin, 05-01-2015, 03:57 PM
Hmm... someone running WordPress who hasn't updated anything in 6+ months and the site has been hacked you say? ( Checks Calendar ) Well, what do ya know... it's a day ending in 'Y' You can block these files from being uploaded by learning to keep WordPress and all its plugins up-to-date. The very first thing any site operator using WordPress should do when they wake up in the morning is pour the first cup of coffee then check to see if there are any updates they need to install. Hell, skip the coffee - check for updates first. Then check for updates again before you go to bed. If there are updates to WP or any plugins - INSTALL THEM. Don't wait. Seriously - don't.
Posted by aniga17, 05-03-2015, 01:59 PM
Just you have to update the plugin that is all because this is vulnerbility it could cause and other problem thanks
Posted by CoderJosh, 05-04-2015, 08:50 AM
In such a case it's important not just to update the site, but also to scan it for any backdoors that might have been uploaded while it has been vulnerable. It's not uncommon to find a whole zoo of PHP shells / backdoors on an outdated WordPress site.


Was this answer helpful?

Add to Favourites Add to Favourites

Print this Article Print this Article
Also Read
Reseller Billing/Bandwidth Management Software (Views: 615)
Godaddy's reseller plan (Views: 602)
Linux Vs Windows (Views: 628)
Mentor Needed (Views: 604)
Load balancing Email? (Views: 601)


Language:

Client Menu

 

Client Login

Email

Password

Remember Me

Search



  
 

Clients

Hosting

VPS Hosting

About Us

Contact Us

Copyright © 2015 DC International LLC in partnership with Bragin IT Solutions Inc. - All Rights Reserved.