According to their analysis, the “SoakSoak” malware uses a known vulnerability in old versions of the Slider Revolution plugin to infect sites.
In September, we reported the Slider Revolution vulnerability and released a hotfix, which prevents attackers from taking advantage of the vulnerability on all sites running VaultPress 1.6.5 or later.
Today, we’ve released an update for our security scanner to detect any cases of the SoakSoak malware.
We are scanning all VaultPress-protected sites for this malware, regardless of plan level. We will contact site owners who are affected and will work directly with them to repair their sites.
Fixing a compromised site
We will contact you, if we determine that your site has been compromised. The easiest way to fix this vulnerability is for you to re-install your core WordPress files. You can do so in just a few steps:
1. Visit your WordPress dashboard.
2. Navigate to Dashboard → Updates
3. Click the Re-Install Now button and follow the prompts on screen.
To be extra safe, you should also ensure that you’re running the latest versions of the VaultPress and Slider Revolution plugins.
As always, if you have any questions or need further help, feel free to contact us!