background preloader

Monitoring Plugins Security Vulnerabilities

Facebook Twitter

Wordpress as an organization does not provide a way to monitor the numerous plugins available for wordpress for security vulnerabilities ..

So, how to go about doing this?

Plugin Vulnerabilities. Get Email Alerts of Security Vulnerabilities in WordPress Plugin. As a webmaster of a WordPress site, the topmost priority is to keep it secure.

Get Email Alerts of Security Vulnerabilities in WordPress Plugin

With thousands of plugins in the WordPress repository, all it takes is just a malformed code in a plugin to bring the whole site down. We have shown you some of the security plugins that you can use to protect yourself, and to bring it further, you can now configure WordPress to send you email notifications when a security vulnerability is found in your WordPress plugins. Plugin Vulnerabilities is a simple WordPress plugin that actively scans your installed plugins and sends you an email alert when a security vulnerability is found. The usage is very simple. Once installed, go to “Plugins -> Plugins Vulnerabilities” to configure the settings. On the settings page it shows you a list of vulnerabilities found in your existing installed plugins and also known vulnerabilities for the past versions of existing plugins. Feature suggestion : periodical email notification/reminder of security updates. I allow myself to bump this topic with a neighbouring concern : the plugins.

Feature suggestion : periodical email notification/reminder of security updates

I DO know that eventually, the responsability of one's wordpress security relies on the shoulders of the "technical contact", either the admin, or the professional hired by the admin as long as that professional remains under contract. We've discussed this before, my attitude might look pushy, my main argument is that there are so many WordPress blogs on the internet that WordPress now gained a "systemic" responsibility, and has to help unaware persons even if they don't give a hell about it and would have prefered to stay with an unhealthy obsolete installation. OK, so, my additional concern. I wanted to give a friend the list of the plugins I'm using on my biggest blog, so I parsed their list in my admin, to get their wordpress.org/extend/plugins/plugin-name hyperlinks.

Then I noticed that the links for 2 of my plugins were not working, nothing found. WP Updates Notifier. Monitors your WordPress installation for core, plugin and theme updates and emails you when they are available.

WP Updates Notifier

This plugin is ideal if you don't login to your WordPress admin regularly or you support a client's website. Features Set the interval of how often to check for updates; hourly, twice daily or daily.Sets WordPress to check for updates more often meaning you get to know about updates sooner.Get emailed about core, plugin and theme updates.Chose if you want to be notified about active only themes and plugins updates.Remove upgrade nag message to non-admin users.For advanced users there are a number of filters and actions you can use.

More coming soon. How to Get Notification of WordPress and Plugin Updates. Have you ever wished you could be notified whenever there’s a WordPress update available or there’s a plugin on your WordPress powered website that’s in need of upgrading?

How to Get Notification of WordPress and Plugin Updates

With WordPress in use on such a large number of websites worldwide it has never been more vulnerable to attack. Unfortunately there will always be people who are trying to find and exploit any weakness they can use to their advantage. Whether it’s a weakness in the WordPress code itself or a flaw in one of the many plugins available for WordPress there will always be a risk. Keep your WordPress up-to-date That’s why keeping your WordPress install and all the plugins you use up-to-date is so important. Fortunately for you and me there’s a plugin that will keep you posted when there’s an update available. It’s called WP Updates Notifier and this handy plugin will email you whenever a WordPress update has been released or a plugin updated. Do I really need this? What about Multisite? Get Email Alerts of Security Vulnerabilities in WordPress Plugin.

Get Email Alerts for Security Vulnerabilities in Your WordPress Plugins. WordPress users have been subject to a rash of plugin vulnerabilities over the past couple of months.

Get Email Alerts for Security Vulnerabilities in Your WordPress Plugins

Some of these vulnerabilities have been so widespread that the FBI recently warned users of attacks designed to exploit WordPress sites. Not long after WordPress published its Security White Paper, an outbreak of issues popped up, starting with a blind SQL injection vulnerability in WordPress SEO by Yoast, followed by a security release from the Pods Framework, and a few other plugins containing similar issues. WordPress.org has not yet created a way to publicly identify the plugins for which its security team is pushing out automatic updates. The process involves coordination with the plugin developer and the core developers who have been allocated to verify and test the vulnerabilities. In the meantime, WordPress users need to remain vigilant about staying current with updates.