Revolution Slider Security

Hi Vlad,

I would just like to inquire whether the Moesia Pro 1.27 update includes the the safe version of the Revolution Slider Plugin?

Thanks!

Hello,

That security issue in Revolution Slider was in September as far as I can recall. We started bundling Revolution after that issue was solved. Unless there is a new one you heard about?

I checked now again, received an email on 16 December 2014 from my host saying that I should upgrade to 4.6.5:

"Slider Revolution Premium Plugin has released a new verison 4.6.5 for their plugin. A recent hack has been found in older versions of this plugin that allows an attacker to download any file from your hosting account, such as the configuration file containing the database passwords."

Also checked now my WordPress backend says the following:

Installed Version: 4.6.3 Latest Available Version: 4.6.5

Either way, how can update it manually, since I don’t have the Envato API Key or Purchase code?

However we seem safe… (I’d still like to know how to update)

VERSION 4.1.4 OR OLDER MUST BE UPDATED IMMEDIATELY TO AVOID CRITICAL VULNERABILITY

We’ll push an update later today just to update Revolution. I made a quick guide here that shows how to update it - might seem more complicated than it has to be, but it’s the only allowed way if the plugin is bundled.

Brilliant! You guys make me smile and very happy that I went with Moesia for our personal website :slight_smile:

EDIT: Very simple indeed. Just think the new 4.6.5 is not in your “repository” yet, but no issue right now, I’ll wait for your release.

Just pushed the update. You can update the theme from your dashboard.

Hi Vlad,

I’ve been successful, just letting you know that the theme update didn’t reflect the new Revolution Slider, but after I did the deactivate, delete and reinstall process it reflected the latest Revolution Slider.

Thanks for all the help and effort!

Hello,

Yes, that was the idea of the tutorial. The theme itself cannot update the plugin, that’s why you need to do it manually following the tutorial.