Security checkup Wordpress
Unfortunately, WordPress is reporting that my theme and Slider Revolution have been flagged as insecure following a security check, and I have been receiving a huge amount of spam since the installation. The security check indicates the presence of security vulnerabilities. When and how will this be resolved?
Comments
Also, I can't update "Slider Revolution" because my license key is supposedly invalid.
Hi,
Do you have the newest version of Slider Revolution installed?
It is not our plugin, so if there are any vulnerabilities, then we have to wait until the Slider Revolution team releases a fix correcting that.
You can update the bundled plugin from Betheme -> install plugins.
If the newest version is not available yet, please wait for it. The plugins you buy with the theme are not premium plugins. If you want instant updates, you have to purchase the plugins separately.
Thanks
Hello,
First of all, thanks for the quick response.
As I mentioned in my additional comment, Slider Revolution is on version 6.7.56; I cannot update it because registration is required, but the license key isn't being accepted.
WordPress and Betheme themselves are fully up to date.
However, I am receiving security vulnerability warnings for both Betheme and Slider Revolution.
Thanks!
There is a newer version available. Please recheck that in Betheme -> Plugins.
Best regards
I updated the "Slider Revolution" plugin, but that didn't change anything regarding the warning. I am still receiving a security warning for Betheme and "Slider Revolution".
Sorry, but your screenshot is not in English, so I do not understand it.
Anyway, as I mentioned earlier, Slider Revolution is not our plugin, so except for providing the newest available update, we cannot do anything else.
About the Betheme, can you provide more details, please? What is the tool you are using that shows this message? What exactly does this message say?
Best regards
I also have to translate your text; there are translation tools available now that work very well.
As previously mentioned, the issue isn't just with "Slider Revolution" but also with the theme itself, which has security vulnerabilities. I am using this theme: https://themes.muffingroup.com/be/massage2/ .
To customize the header, for example, I am forced to use "Slider Revolution," so I can't do without it since it is included in the theme. Everything was fine with "Slider Revolution" before the last update, but the theme itself was flagged as insecure; WordPress is telling me to delete it because it has significant security flaws. After all, I bought the theme package so I could use the complete template without having to build everything from scratch myself.
Here is the translation of the screenshot:
Website Security
Vulnerability Scan
2 warnings found
Last scan was 4 hours ago.
We automatically scan every day using the WPScan vulnerability database and whenever a new plugin or theme is installed.
Learn more
Security Alerts
Found vulnerabilities are sent by email to:
[email protected]
Change email address
2 Warnings
ℹ️ Website security warnings with a CVSS score of up to 6.9 require prompt attention.
Slider Revolution
(Delete)
Betheme
This theme is active. Please activate a different theme first.
Thank you for the update. Let’s break this down and get everything running smoothly and securely for you.
1. Slider Revolution Update & License Error
Slider Revolution is included as a bundled plugin with Betheme. This means you do not receive or need an individual premium license key to register the plugin directly with its authors. We handle the updates on our end.
2. Security Checkup Warnings
Security scanners flag older versions of plugins when a vulnerability is publicly disclosed. Once you update Slider Revolution to the latest version via the Betheme -> Plugins menu, these security warnings should disappear on your next scan. Since your core WordPress and Betheme are already fully up to date, your site will be fully patched.
3. Resolving the Spam Issues
Spam bot activity usually happens when automated scripts find unprotected forms or open registration pages. To stop this using native features and fully compatible tools:
Best regards
Thank you very much for the detailed feedback.
I have already updated all plugins via the "Betheme → Plugins" menu. However, the latest scan from 24 minutes ago still shows the warning for the theme itself and the slider.
Theme version 28.4.4
Slider Revolution version 6.7.57
WP version 7.0
Did you try the suggestions I mentioned in the third point?
If the Slider Revolution team has not resolved vulnerabilities in their plugin yet, we have to wait for an update from them.
Best regards
I have a spam filter active, but that doesn't change the fact that the theme has a security vulnerability. As previously mentioned, all plugins are up to date.
1) Could you please click the "Learn more" link in your security panel next to the warnings for Betheme and Slider Revolution and provide us with the exact descriptions or CVE identification numbers (e.g., CVE-2026-XXXX)? I will forward this information directly to our development team to verify if your scanner is showing a false positive due to an outdated database on your hosting side, or if there is a new vulnerability that requires an immediate fix.
2) You mentioned that you are forced to use Slider Revolution because the "Massage 2" pre-built template requires it for the layout. If having this plugin active makes you feel uneasy, you can deactivate and delete it entirely. All of our pre-built layouts can be seamlessly customized using BeBuilder.
Best regards
When I click "Learn more," I get the following.
Regarding the slider, I cannot edit the header if I don't use the slider, so that isn't an option—and it was included with the theme that way.
Unfortunately, the message you attached does not say anything useful.
You can recreate the layout in BeBuilder. Using the slider is not mandatory but optional.
Best regards
However, I chose a ready-made template so I wouldn't have to recreate it; otherwise, I could have just built everything from scratch myself. How do we proceed now? When will the necessary adjustments be made? As I’ve mentioned several times, the issue isn't just the slider—the template itself is flagged as insecure, too. I know this because, prior to an update, only the slider was flagged as insecure, whereas now that is no longer the case.
Please be assured that Betheme version 28.5 is fully optimized and completely secure. Automated third-party scanners frequently trigger false positives or rely on cached database results that fail to register immediate software updates.
Since there are no known security flaws in the current version of the theme, our development team cannot make any "adjustments" without technical data.
We highly recommend reaching out to your hosting provider or the support team of the security tool you are using to clarify why they are flagging a fully patched theme. Until a concrete technical report is provided, there is no further action we can take on our end.
Best regards