Support » Plugin: Plugin Inspector » Awesome Plugin for Anyone Interested in WP Security

  • Jorge Rodriguez

    (@catupiryisjustcreamcheese)


    I am a fan of the Plugin Inspector plugin. One of the things that I read on the site of our firewall provider was to check the code of our plugins one by one.

    This plugin helped me a lot to achive that faster. Whith these data I even could made a risk analisys of our plugins. That helped us decide to stop using a plugin that seemed too vulnerable compared to others. Later we found out it was cataloged as unsafe by JetPack, Accunetix and many others.

    Making a risk analysis is time consuming but worth it. That’s why I want to request the developers to consider this feature request:

    The idea is to present a risk score in the plugin list that would for example be calculated like this:

    Risk Score: Number of Low risk findings + 5* Number of Medium Risk Findings + 10* Number of High Risk Findings + 10* Number of Deprecated Findings

    That and a way to order the list based on the score, which would easily make it clear which one of your plugins you should start inspecting right away or look for alternatives.

    Cheers

Viewing 2 replies - 1 through 2 (of 2 total)
  • Plugin Author Gioni

    (@gioni)

    Thanks! That’s a interesting idea! I should implement it. Do not forget also that it’s a static code inspection and do not reveal all possible security flaws.

    Jorge Rodriguez

    (@catupiryisjustcreamcheese)

    Dear Gioni,

    Sorry for replaying so late. I hadn’t seen your reply yet.

    Lately, I have been trying a plugin called Risk List:

    http://risklist.co.uk/
    https://wordpress.org/plugins/risk-list/

    It’s not yet very popular, and that is a pity, because it is very good.

    Imagine if one could implement your static code inspection analysis and then see a risk heat map of your own plugins. That would be just amazing. Wouldn’t you think?

Viewing 2 replies - 1 through 2 (of 2 total)
  • The topic ‘Awesome Plugin for Anyone Interested in WP Security’ is closed to new replies.