Will Wordfence stop soaksoak?

Hi

I’d love to see links on how we possibly assist in this. Please post urls and sources because that’s borderline slanderous. We deal with things like that quickly and without reservation. WF has helped millions of bloggers protect their sites and most of our features are free. If we assisted in making sites easier to exploit I doubt we’d be one of the top plugin downloads on www.remarpro.com.

The problem with this exploit is because of bundling. Theme developers add the plugin code directly in the theme. The buyer of the theme gets a added plugin. The problem is that these plugins are now part of the theme and not managed as a plugin. This is how WordPress works. If an update to the revslider comes out, the theme developer has to update the theme. If it’s never updated we cant report you need an update. So, its more than a plugin issue. You need to make sure your themes are current and updated, especially if they use the revslider code.

According to the developer of the revslider, its been patched for some time now. I know our software protects against using the exploits because I have locked myself out of a site last week testing it. (yeah, it was one of those ‘oh, I probably should have proxied before I did that’ moments) so we cover you.

tim

Looks like it was updated.

https://www.donationcoder.com/forum/index.php?topic=39826.0

Trust me, I didn’t think it was true. I’ve been using Wordfence for nearly 2 years and have 10 full licenses for all my websites, that would be a real problem for me. ??

Back to my original questions though, will WF stop this malware even if the revslider plugin is not on the website (or packaged in a theme)? I’ve seen reports online saying they didn’t have the plugin (or related themes) and still have the issue. I also know of one website I personally setup for a company with my own theme and it was inflected. I don’t think they had WF installed, but the company owner said they didn’t have the revslider plugin either.

My main reason for asking is that there are some other security plugins that are saying they do, that’s all. I’m not going to add another one, In WordFence We Trust. lol.

Hi Shawn,

Tim brought this to my attention today in a meeting. I read the forum thread and I see what happened there. Someone got confused and thought we were part of the problem. And then the thread was updated as you said. I thought about responding on that forum, but it looks like it’s all been cleared up.

So just to answer your most recent question: We do actually protect against exploits against the RevSlider plugin specifically. Whether or not you have the plugin installed and whether or not you’re running a vulnerable version, if someone tries to access a known exploit URL, they receive the message: “URL not allowed. Slider Revolution Hack attempt detected. #2”. I just reverified this and Tim verified it a few days ago by launching an attack on a website to test the feature.

Hope that helps. Let us know if you have further questions.

Regards,

Mark.

Awesome!