IMPORTANT UPDATE
Protection against vulnerabilities in revslider.
Revslider (revolution slider) is a component included by defect in many themes and WordPress templates. Unfortunately, in present days, many vulnerabilities have been found, and some of them are very dangerous.
2014 November 26th
A vulnerability which allows to upload and execute a shell in any site, without previous authentication, was discovered.
2015 March 30th
A vulnerability which allows to download any file from a server, among these, the configuration file where the access to the data base credentials are found, was discovered.
A patch for same is attached below.
2015 May 8th
A new vulnerability which allows to upload any file to a server with WordPress (a shell, a phishing site, a script to send spam, for example) and execute it without the need of users and passwords, was found.
———————————————————————————————–
VERSION 4.1.4 OR OLDER MUST BE UPDATED IMMEDIATELY TO AVOID CRITICAL VULNERABILITY