This plugin checks the plugins you have installed against a list of vulnerabilities in plugins that we have seen hackers trying to exploit. If the installed version of a plugin is vulnerable an alert is added to the Installed Plugins page and an email alert is sent, otherwise details of the vulnerabilities are included on the Plugin Vulnerabilities page.
This data can also be helpful when cleaning up a hacked website, as you want to determine how the website was hacked when doing that and this data may provide part of information needed to do that.
Since the vulnerability data for the plugin is included in the plugin, you will need to keep the plugin up to date to insure you have the latest data. You can use our Automatic Plugin Updates plugin to automatically update this plugin and your other installed plugins.
You can use our Plugin Security Checker plugin to check if a plugin might contain additional security issues.
SIGN UP FOR OUR PLUGIN VULNERABILITIES SERVICE
You can get alerted for known vulnerabilities in all the plugins you use, not just ones that we are already seeing evidence that hackers are targeting, when you sign up for our Plugin Vulnerabilities service. As the data for that comes from checking with our service’s API, you don’t need to update the plugin to get alerted to new issues and you can have checks done as often as hourly.
Currently our service warns about vulnerabilities in the most recent version of plugins with over one million active installs that are still available in the Plugin Directory.
Through the service you also have access to a number of other important features including the ability to suggest/vote for which plugins we will do security reviews of and help when dealing with a situation where you are using a plugin where the vulnerability has yet to be fixed (we can usually provide a temporary fix for the issue).
Due to people on the WordPress side of things continued unwillingness to act in an adult professional manner you can currently get the plugin with this download.