100,000 WordPress Sites Compromised by RevSlider Plugin

Nikole Haiar - December 16, 2014

sliderrevWordPress site owners should take note of a large malware campaign reported by Sucuri that has compromised over 100,000 WordPress sites via a third-party plugin. The vulnerable component within WordPress is RevSlider, a premium slider creator plugin for WordPress site designers.

You may have RevSlider installed without having explicitly done so, as RevSlider is bundled with paid WordPress theme packs.

An estimated 70 million sites use WordPress for content management. The current attacks are only targeting self-hosted sites, not those who host via WordPress.com.

The good folks at Sucuri have made available a free site checker that can determine if your site is compromised.