Support » Plugin: Plugin Vulnerabilities » Should be built in to WordPress

  • This is an absolutely essential plugin which should be built in to WordPress itself frankly to warn people that the plugins they are using contain exploits.

    I own a hosting company and much of our work is helping customers recover from hacked installs of WordPress, Joomla, Magento or whatever software they’ve installed years previously but never updated. WordPress, being used by apparently 25% of the world’s websites is a particular target.

    I’m giving it 4/5 only because the signatures of each vulnerable plugin this tracks in the plugin’s /vulnerabilities/ folder do themselves trigger false positive reports in server side exploit tools such as the very commonly used cxs by ConfigServer.com. If those were stored in such a way that cxs wouldn’t report them then this gets 5/5.

  • The topic ‘Should be built in to WordPress’ is closed to new replies.