WordPress – RevSlider Local File Inclusion (LFI)

Description

Kayran has detected that you’re using an outdated version of Slider Revolution Premium WordPress Plugin, that allows a remote attacker to download any file from the server.

By exploiting this vulnerability, attackers can download any file they please, even your wp-config.php file.
By doing so, he can steal the database’s credentials, which then allows him to initiate attacks against the website via the database.

Recommendation

To prevent these types of LFI attacks, update the version of the WordPress Slider Revolution Premium plugin.

References

https://www.sliderrevolution.com/

< Return to all Vulnerabilities

The Cloud

I’m pretty sure there isn’t a single adult in the world who hasn’t at least heard of The Cloud. Explaining “The Cloud” in 2022 may

Read More »

Bug Bounties

As pirates, we all love plundering, we all love raiding, but mostly, we all love bounties, especially Bug Bounties. Let’s talk about it. Bug Bounties

Read More »

Man-In-The-Middle Attacks

Do you know these people who just push themselves into conversations?That’s Man-In-The-Middle Attacks. And from a wider angle, Man-In-The-Middle Attacks, or MITM, are built around

Read More »