SEOClerks

How to check WordPress plugins and themes vulnerability Tutorial



Enter a reason for deleting this comment

How to check WordPress plugins and themes vulnerability

So far we were discussing different problems regarding WordPress which can pop up while using some plugins and / or themes. Now let's see how to check their vulnerabilities to make sure your website is safe and without problems. Perhaps even WordPress core can have vulnerabilities.
Beside updating your WordPress CMS, it's plugins and themes regularly to the latest versions, it's also recommended to check their vulnerabilities maybe even before you install some of them on your blog. To do so, you not even need to be guru or check files and it's codes. Like many other things, even this checkup is simplified by WPScan Vulnerability Database website where you can enter name of some plugin or theme to search if there is any reported vulnerabilities. Then if you find one, click on it's name on the list to see details and how vulnerable or risky it is.

Hope this little tutorial will save you some time and lower your risks. If you know some similar tactic, please share here.

Comments

Please login or sign up to leave a comment

Join
TommyCarey

That website is pretty sweet How to check WordPress plugins and themes vulnerability I never thought about the plugins having vulnerabilities. I know that WP has had some problems in the past where hackers could take advantage of vulnerabilities within the WP dashboard itself, but not the plugins.

How many people have had problems with their plugins being the source of a hack?



Are you sure you want to delete this post?

idealmike

Interesting. I've never personally had a WP site hacked from a plugin vulnerability before. Usually it's been hacked because of a WP core vulnerability. And in most cases it's been hacked via the XML-RPC (xmlrpc.php) file which I now disable on all my WP sites. It does come with some drawbacks when you disable XML-RPC because it's used for so many legitimate things but since doing so, I've never had any of my WP sites hacked. You can read more about it on the Wordfence blog for should you disable XML RPC on WordPress.

But I'll try to remember that site when I next want to use a plugin that looks good but I'm unsure about. So I can just search the site for the plugins name right and it will tell me if that plugin has been reported or not and what the vulnerabilities (if any) are with it right?



Are you sure you want to delete this post?

Lynne

Oh well that is going to be big time helpful for me Anwebservices! I love all these tips that can help someone like me that has not got much technical experience... or aptitude!



Are you sure you want to delete this post?

EliteWriter

Fully agree How to check WordPress plugins and themes vulnerability I am along those lines too, I am not much of an expert and I am finding it really helpful that these tutorials are made with people such as us in mind. They are relevant and helpful, and explained very well. Thanks Anwebservices.



Are you sure you want to delete this post?

Lynne

And I was thinking you were one of those other people that knew how to do all that technical stuff? Seems we are more similar than I thought, more focused on content writing and online marketing side How to check WordPress plugins and themes vulnerability



Are you sure you want to delete this post?

EliteWriter

Yes definitely. I am far from being technical believe me. Although thanks to these discussions I learnt some technical things by reading and trying to understand a bit more. I wish I was more conversant with certain things that many others seem to be experts at, but alas I am not that good at that.



Are you sure you want to delete this post?

Lynne

Yes I am also learning loads here, which is great. What I enjoy is that the members here take the time to answer my questions about the technical things I don't understand which helps me to understand things better. Ok well sometimes it just makes me more confused and realize that I will never understand some things...



Are you sure you want to delete this post?