A serious vulnerability has been discovered in an outdated release of the excellent Slider Revolution plugin for WordPress.
An unpatched version of the plugin may allow a hacker to download any file from your system including critical WordPress core files that contain database passwords and other sensitive data.
A patch for the Slider Revolution flaw was released in February and anyone who has not updated their copy of Slider Revolution should update to version 4.2 or higher immediately.
The current version of Slider Revolution is 4.6.
NO ESC! Technologies Group clients who subscribe to one of our WordPress Maintenance plans have been affected by this vulnerability.