We have LayerSlider installed on over 100 websites that are running Enfold themes. They all need updates. We have been alerted to a malware code injection and LayerSlider is one of the vulnerabilities. The links in the notification to update the version of LayerSlider do not work. I can't remove the plugin through regular methods - it seems to be embedded in the theme files. Please help.
Thank you for getting in touch with us. My name is John, and I'm happy to assist you today. I appreciate your patience while we've been working toward your case.
I fully understand your concern. We take security very seriously and usually patch vulnerabilities within days (and often just hours) after receiving a report. We aren't aware of any current vulnerabilities in LayerSlider, but as with any software, it's important to keep it up-to-date. The latest version of LayerSlider is 7.11.2, which was released just a few days ago.
Updating Enfold itself should automatically update the bundled version of LayerSlider. However, Enfold has some quirks:
It doesn't always auto-update to the latest version. In fact, it might not even show you there's an update since some updates need to be installed manually. This might be a bug in some Enfold releases or an intentional requirement.
Enfold is one of the very few themes that bundle LayerSlider in a non-standard way, preventing you from using LayerSlider's update mechanism. The solution is simple: you need to install LayerSlider as you'd normally do, and Enfold will detect the official release and turn off its own built-in version. This will enable you to use LayerSlider without any side effects.
The second point about bundling LayerSlider in a non-standard way is also why you can't find LayerSlider under WordPress' Plugins screen to disable it. Instead, you'd need to go to Enfold's Theme Options → Layout Builder → Integrated (Bundled) LayerSlider Plugin.
Please let me know if I can help you with anything else - if not, I wish you a fantastic rest of the week.
We have LayerSlider installed on over 100 websites that are running Enfold themes. They all need updates. We have been alerted to a malware code injection and LayerSlider is one of the vulnerabilities. The links in the notification to update the version of LayerSlider do not work. I can't remove the plugin through regular methods - it seems to be embedded in the theme files. Please help.
Hi Amanda,
Thank you for getting in touch with us. My name is John, and I'm happy to assist you today. I appreciate your patience while we've been working toward your case.
I fully understand your concern. We take security very seriously and usually patch vulnerabilities within days (and often just hours) after receiving a report. We aren't aware of any current vulnerabilities in LayerSlider, but as with any software, it's important to keep it up-to-date. The latest version of LayerSlider is 7.11.2, which was released just a few days ago.
Updating Enfold itself should automatically update the bundled version of LayerSlider. However, Enfold has some quirks:
The second point about bundling LayerSlider in a non-standard way is also why you can't find LayerSlider under WordPress' Plugins screen to disable it. Instead, you'd need to go to Enfold's Theme Options → Layout Builder → Integrated (Bundled) LayerSlider Plugin.
Please let me know if I can help you with anything else - if not, I wish you a fantastic rest of the week.
Best Regards,
John | Kreatura Dev Team