Protection against vulnerabilities in revslider.
Revslider (revolution slider) is a component included by defect in many themes and WordPress templates. Unfortunately, in present days, many vulnerabilities have been found, and some of them are very dangerous.
2014 November 26th
A vulnerability which allows to upload and execute a shell in any site, without previous authentication, was discovered.
2015 March 30th
A vulnerability which allows to download any file from a server, among these, the configuration file where the access to the data base credentials are found, was discovered.
A patch for same is attached below.
2015 May 8th
A new vulnerability which allows to upload any file to a server with WordPress (a shell, a phishing site, a script to send spam, for example) and execute it without the need of users and passwords, was found.
VERSION 4.1.4 OR OLDER MUST BE UPDATED IMMEDIATELY TO AVOID CRITICAL VULNERABILITY