We all know to check our plugins to see if there are updates available. What if a vulnerability has been discovered in one of our plugins and it’s author has not fixed it? Worse yet, what if the plugin has been abandoned? You’ll never know that the plugin is causing a security vulnerability in your website. And eventually the bots will find it and exploit it.
We solve this for our clients by instally the Jetpack Protect plugin on each client website. Nightly, Jetpack Protect does two things:
- Check your plugins against the WordPress Repository ot identify abandoned plugins.
- Check your plugins agains the WPSCAN database of plugin vulnerabilities.
You still need to manually check the WordPress Protect dashboard to see the results. We do this daily for every client.