This plugin taps into the power of the free and unlimited WordPress Vulnerability Database API to deliver vulnerability assessments directly within your WordPress dashboard. It’s an essential tool for website administrators, developers, and anyone keen on maintaining a secure WordPress environment.
Secure your WordPress experience today, your first line of defense against vulnerabilities!
Compatibility
- WordPress: 4.1 –> 6.6
- PHP: 5.6 –> PHP 8.3
- WordPress Coding Standards: 3.1.0
- WP-CLI: 2.3.0 –> 2.10.0
- Plugin Check (PCP)
Using the plugin
WP-CLI commands
And then, You will find these WP-CLI commands:
wp wpvulnerability --help: Get help with these commands.wp wpvulnerability core: List Core vulnerabilities.wp wpvulnerability plugins: List Plugins vulnerabilities.wp wpvulnerability themes: List Themes vulnerabilities.wp wpvulnerability php: List PHP vulnerabilities.wp wpvulnerability apache: List Apache HTTPD vulnerabilities.wp wpvulnerability nginx: List nginx vulnerabilities.
Configurations
From mail
Since WPVulnerability 3.2.1
If, for some reason, you need the emails sent by the plugin to have a From different from the site administrator, you can change it from the wp-config.php by adding a constant:
define( 'WPVULNERABILITY_MAIL', 'sender@example.com' );Security
This plugin adheres to the following security measures and review protocols for each version:
- WordPress Plugin Handbook
- WordPress Plugin Security
- WordPress APIs Security
- WordPress Coding Standards
- Plugin Check (PCP)
Privacy
- This plugin or the WordPress Vulnerability Database API does not collect any information about your site, your identity, the plugins, themes or content the site has.
Vulnerabilities
- No vulnerabilities have been published up to version 3.2.0.
Found a security vulnerability? Please report it to us privately at the WPVulnerability GitHub repository.
Contributors
You can contribute to this plugin at the WPVulnerability GitHub repository.