nezirus

It is related, see the release notes for Revive 4.2, first fixed security vulnerability. The exploit was active in the wild at least from December 2018, all pointing to the single unguarded unserialize() in adxmlrpc.php . Filtering POST requests was acceptable workaround (as suggested in ).

Guys, for starters, limit access to admin parts of the revive, and more importantly, filter out POST requests from unknown IP addresses. If somebody is under attack and is able to collect access logs for POST request and payloads, that would be just great.