Notifying about dangerous, already installed plugins

  1. Devtard


    Users who have installed a plugin that has been removed from the Plugin Directory, should be notified.

    Maybe there should be at least a RSS feed with recently deleted plugins.

    Posted: 3 years ago #
  2. Unsal Korkmaz

    I dont agree for RSS feed.

    For removed plugins; i believe plugin/theme update check system needs overhaul and dangerous plugin notification is really a good idea.

    Posted: 3 years ago #
  3. webaware


    Good idea. Meanwhile, you can subscribe to an RSS feed like this one to get advised about WordPress plugin/theme vulnerabilities.

    Posted: 3 years ago #
  4. I've created a plugin you might find useful and is related to the OP's request. It adds information to the plugin admin page including:

    1. WordPress plugin repository status i.e. in repository, removed from repository, never in repository
    2. last update date
    3. overall rating
    4. number of votes
    5. WordPress version compatibility range

    The way I determine if a plugin has been removed from the repository is by comparing its status on wordpress.org/plugins/ vs. svn.wp-plugins.org/. That is, a "live" plugin is in the plugin repo and one that is removed isn't, but it still has an entry in SVN.

    Also, some thresholds can be set and if not met, info on the plugin admin page are highlighted in red.

    If you have other ideas of what to add, let me know.


    Posted: 10 months ago #
  5. Ipstenu (Mika Epstein)

    Keep in mind that 'removed' from the repository is pretty much a crap shoot.

    We remove plugins for all sorts of reasons, including security, but more often they tend to be behavioral.

    Posted: 10 months ago #
  6. Yes that's a fair caveat. But removed, regardless of the reason, means no more updates to maintain compatibility, add features, or fix bugs. And since there's no notification, we're all be blissfully ignorant of such removals when they're permanent.

    Posted: 10 months ago #

RSS feed for this topic


You must log in to post.

  • Rating

    8 Votes
  • Status

    This idea is under consideration