31 Jul 2024

WordPress Plugin Security Review: Plugin Vulnerabilities

As part of our push to improve the security of WordPress plugins, next month our Plugin Security Scorecard tool is going to start lowering the grade for plugins if the developer isn’t linking to the results of a security review of the plugin. To make sure that we practice what we preach, we are doing security reviews of our plugins and linking to those results in the way we are suggesting other developers do so. We can’t hire someone else to do them, as we are not aware of anyone else that actually does reviews and has released any results to check on the accuracy of their results. By comparison, we have been doing that for years.

For our third review, we checked over our Plugin Vulnerabilities plugin. [Read more]

29 Jul 2024

WordPress Plugin Security Review: Lockdown Mode

As part of our push to improve the security of WordPress plugins, next month our Plugin Security Scorecard tool is going to start lowering the grade for plugins if the developer isn’t linking to the results of a security review of the plugin. To make sure that we practice what we preach, we are doing security reviews of our plugins and linking to those results in the way we are suggesting other developers do so. We can’t hire someone else to do them, as we are not aware of anyone else that actually does reviews and has released any results to check on the accuracy of their results. By comparison, we have been doing that for years.

For our second review, we checked over our brand new Lockdown Mode plugin, which makes it easy to lock down various WordPress functionality when changes don’t need to be made to a website. [Read more]

26 Jul 2024

WordPress Plugin Security Review: Plugin Vulnerabilities Firewall

As part of our new push to improve the security of WordPress plugins through our Plugin Security Scorecard tool, next month it is going to start lowering the grade for plugins if the developer isn’t linking to the results of a security review of the plugin. To make sure that we practice what we preach, we are doing security reviews of our plugins and linking to those results in the way we are suggesting other developers do so. We can’t hire someone else to do them, as we are not aware of anyone else that actually does reviews and has released any results to check on the accuracy of their results. By comparison, we have been doing that for years.

For our first review, we checked over our Plugin Vulnerabilities Firewall plugin. [Read more]

23 Jan 2024

WordPress Plugin Security Review: Maspik – Spam blacklist

For our 43rd security review of a WordPress plugin based on the voting of our customers, we reviewed the plugin Maspik – Spam blacklist.

If you are not yet a customer of the service, once you sign up for the service as a paying customer, you can start suggesting and voting on plugins to get security reviews. For those already using the service that haven’t already suggested and voted for plugins to receive a review, you can start doing that here. You can use our tool for doing limited automated security checks of plugins to see if plugins you are using have possible issues that would make them good candidates to get a review. You can also order a review of a plugin separately from our service. [Read more]

11 Aug 2023

WordPress Plugin Security Review: Meta Box

For our 42nd security review of a WordPress plugin based on the voting of our customers, we reviewed the plugin Meta Box.

If you are not yet a customer of the service, once you sign up for the service as a paying customer, you can start suggesting and voting on plugins to get security reviews. For those already using the service that haven’t already suggested and voted for plugins to receive a review, you can start doing that here. You can use our tool for doing limited automated security checks of plugins to see if plugins you are using have possible issues that would make them good candidates to get a review. You can also order a review of a plugin separately from our service. [Read more]

13 Feb 2023

WordPress Plugin Security Review: ShortPixel Image Optimizer

For our 41st security review of a WordPress plugin based on the voting of our customers, we reviewed the plugin ShortPixel Image Optimizer.

If you are not yet a customer of the service, once you sign up for the service as a paying customer, you can start suggesting and voting on plugins to get security reviews. For those already using the service that haven’t already suggested and voted for plugins to receive a review, you can start doing that here. You can use our tool for doing limited automated security checks of plugins to see if plugins you are using have possible issues that would make them good candidates to get a review. You can also order a review of a plugin separately from our service. [Read more]

8 Feb 2023

WordPress Plugin Security Review: Beautiful Cookie Consent Banner – Premium Add-On

We were recently hired to do a security review of the WordPress plugin Beautiful Cookie Consent Banner – Premium Add-On.

If you want a security review of plugins you use, when you become a paying customer of our service, you can start suggesting and voting on plugins to get security reviews from us. For those already using the service that haven’t already suggested and voted for plugins to receive a review, you can start doing that here. You can use our tool for doing limited automated security checks of plugins to see if plugins you are using have possible issues that would make them good candidates to get a review. You can also order a review of a plugin separately from our main service. [Read more]

6 Feb 2023

WordPress Plugin Security Review: Beautiful Cookie Consent Banner

We were recently hired to do a security review of the WordPress plugin Beautiful Cookie Consent Banner, after getting in touch with them about a vulnerability that was being exploited after other security providers failed to properly check over a previous claim of a vulnerability in the plugin.

If you want a security review of plugins you use, when you become a paying customer of our service, you can start suggesting and voting on plugins to get security reviews from us. For those already using the service that haven’t already suggested and voted for plugins to receive a review, you can start doing that here. You can use our tool for doing limited automated security checks of plugins to see if plugins you are using have possible issues that would make them good candidates to get a review. You can also order a review of a plugin separately from our main service. [Read more]

25 Oct 2022

WordPress Plugin Security Review: GN Publisher

Before we start using a new WordPress plugin on our website, we do a security review of it, which led to us doing one for GN Publisher.

If you want a security review of plugins you use, when you become a paying customer of our service, you can start suggesting and voting on plugins to get security reviews from us. For those already using the service that haven’t already suggested and voted for plugins to receive a review, you can start doing that here. You can use our tool for doing limited automated security checks of plugins to see if plugins you are using have possible issues that would make them good candidates to get a review. You can also order a review of a plugin separately from our main service. [Read more]

26 May 2022

WordPress Plugin Security Review: SearchWP Live Ajax Search

For our 40th security review of a WordPress plugin based on the voting of our customers, we reviewed the plugin SearchWP Live Ajax Search.

If you are not yet a customer of the service, once you sign up for the service as a paying customer, you can start suggesting and voting on plugins to get security reviews. For those already using the service that haven’t already suggested and voted for plugins to receive a review, you can start doing that here. You can use our tool for doing limited automated security checks of plugins to see if plugins you are using have possible issues that would make them good candidates to get a review. You can also order a review of a plugin separately from our service. [Read more]