For anyone who has a WordPress site installed, if you're using the Revolution Slider plugin (after all it's the most downloaded plugin on the envato marketplace), check it's up to date.
If you're using 4.1.4 or older, anyone can access your wp-config file through the browser (using a string of text after the URL). Obviously this gives them access to your database details, I've tested on some sites today (and informed them).
It's been kept pretty quiet, but today emails are being sent out from some of the biggest theme market places, so expect more people to attempt to 'hack' each others sites.
So update, then change your database details.
If you've updated any-time since Feb 2014, it's probably best to update your database details anyway, as that's how long the vulnerability has been known.
http://marketblog.envato.com/general/plugin-vulnerability/
P.s. even if you're not using the plugin, if it's installed it's still a problem.
If you're using 4.1.4 or older, anyone can access your wp-config file through the browser (using a string of text after the URL). Obviously this gives them access to your database details, I've tested on some sites today (and informed them).
It's been kept pretty quiet, but today emails are being sent out from some of the biggest theme market places, so expect more people to attempt to 'hack' each others sites.
So update, then change your database details.
If you've updated any-time since Feb 2014, it's probably best to update your database details anyway, as that's how long the vulnerability has been known.
http://marketblog.envato.com/general/plugin-vulnerability/
P.s. even if you're not using the plugin, if it's installed it's still a problem.