WordPress – RevSlider Local File Inclusion (LFI)


Kayran has detected that you’re using an outdated version of Slider Revolution Premium WordPress Plugin, that allows a remote attacker to download any file from the server.

By exploiting this vulnerability, attackers can download any file they please, even your wp-config.php file.
By doing so, he can steal the database’s credentials, which then allows him to initiate attacks against the website via the database.


Average Score – 5.0 Medium


To prevent these types of LFI attacks, update the version of the WordPress Slider Revolution Premium plugin.




< Return to all Vulnerabilities

Explaining API

We’ve talked about API’s Vulnerability in here, but i feel like there’s much more to talk about and explain since this is a big and

Read More »