All Products
Document Center

[Vulnerability notice] Arbitrary file download vulnerability in the Wordpress Slider Revolution plug-in

Last Updated: Nov 27, 2017


Slider Revolution is a WordPress plug-in. The plug-in has a severe security vulnerability that may allow hackers to remotely download files from the server.

Attackers may construct malicious requests to download sensitive files from the server, and further embed website webshell files to control the website server host.

Affected versions

Slider Revolution <= 4.1.4


Go to the Wordpress management backend, and update Slider Revolution to the latest version.