Over 100,000 WordPress Sites Compromised by Malware

Over 100,000 WordPress sites have been compromised by malware called SoakSoak. According to security company Sucuri, the compromise occurred via a plugin called RevSlider. The developers of the plugin have been criticized for making automatic updates difficult.

According to Gizmodo, the malware only affects self-hosted sites, not sites hosted on WordPress.com. Furthermore, WordPress itself is not affected, so you shouldn’t be vulnerable just because you’re using WordPress; you had to have used a vulnerable version of the RevSlider plugin. If you think you might have been affected, though, Sucuri provides some technical details here. Its instructions, however, could have been clearer. For example, they tell you to “remove all backdooors [sic],” but don’t provide any specific instructions on how to remove these backdoors. An article in The Guardian hints that one such backdoor may consist of new administrator users.