Web Hosting News

AHosting Issues WordPress Security Warning In The Wake Of SoakSoak

AHosting Issues WordPress Security Warning In The Wake Of SoakSoak
December 19
12:49 2014

Hudson, FL – AHosting, a leading provider of optimized WordPress hosting, has released a security warning and advisory notice to users of the WordPress content management system. Hundreds of thousands of WordPress sites have been infected with the SoakSoak malware, which enables attackers to completely circumvent a site’s access controls.

The main vector for the malware appears to be the popular Slider Revolution Responsive WordPress Plugin, also known as RevSlider. Sites infected with the SoakSoak malware, via the RevSlider vulnerability or otherwise, may have a backdoor installed which gives the attacker complete control over the site.

The vulnerability in RevSlider was disclosed and patched earlier this year, but many sites are still running vulnerable versions. The owners of sites still running a vulnerable version of the RevSlider plugin, which includes all releases below version 4.2, should immediately update the plugin.

“The main vector for SoakSoak was closed some time ago, but many WordPress users, especially those who installed the RevSlider plugin as part of a theme, have not yet updated,” commented Daniel Page, Director of Business Development at AHosting, Inc., “Plugins bundled with themes are not updated as part of the standard WordPress upgrade feature, but must be upgraded along with the theme. It appears that many theme developers have failed to include patched version of the RevSlider in their plugins, leaving many thousands of WordPress users vulnerable.”

WordPress site owners who are concerned that their site may be infected with the SoakSoak malware can use the free Website Malware Scanner from Sucuri to check their sites. It should be understood that simply removing the SoakSoak files from a WordPress installation is not sufficient: the malware’s backdoor may remain, and the initial vulnerability could be exploited again.

WordPress owners will reduce their vulnerability to all exploits if they follow simple WordPress security best practices, including ensuring that all plugins, themes, and WordPress Core are kept up-to-date.

About Ahosting:
AHosting is a managed web hosting provider with facilities in Orlando, FL, and Detroit, MI, owned and operated by AHosting, Inc., supplying hosting services that are truly beyond imagination. Since 2002, AHosting has established one of the web’s premier solutions for reseller web hosting, multiple IP hosting, dedicated servers, and VPS hosting. For more information, visit

Research, evaluate and learn more about shared web Hosting at

About Author

FindMyHost Editor

FindMyHost Editor

The 'Web Hosting Blog' at was established to provide the web hosting industry with the very latest in news, technology, interviews, event information and more. About Launched in January 2001 to protect Web Host Consumers and Web Developers from making the wrong choice when choosing a Web host. showcases a selection of web hosting companies who have undergone our Approved Host program testing and provides reviews from customers.

Related Articles


No Comments Yet!

There are no comments at the moment, do you want to add one?

Write a comment

Write a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Special Offers: