Description
Kayran has detected that you’re using an outdated version of Slider Revolution Premium WordPress Plugin, that allows a remote attacker to download any file from the server.
By exploiting this vulnerability, attackers can download any file they please, even your wp-config.php file.
By doing so, he can steal the database’s credentials, which then allows him to initiate attacks against the website via the database.
Severity/Score
Average Score – 5.0 Medium
Recommendation
To prevent these types of LFI attacks, update the version of the WordPress Slider Revolution Premium plugin.
References
https://www.sliderrevolution.com/
