Plugins DatabasePlugins Database logo
Back to plugins
Homepage WordPress

Actions

DownloadAuthor pageSee on WordPress

Plugin info

Total downloads: 8,301
Active installs: 200
Total reviews: 8
Average rating: 3.8
Support threads opened: 0
Support threads resolved: 0 (0%)
Available in: 1 language(s)
Contributors: 1
Last updated: 11/16/2017 (2967 days ago)
Added to WordPress: 4/7/2016 (9 years old)
Minimum WordPress version: 4.0
Tested up to WordPress version: 4.9.28
Minimum PHP version: f

Maintenance & Compatibility

Maintenance score

Possibly abandoned • Last updated 2967 days ago • 8 reviews

22/100

Is Vulnerable Plugin Checker abandoned?

Possibly abandoned (last update 2967 days ago).

Compatibility

Requires WordPress: 4.0
Tested up to: 4.9.28
Requires PHP: f

Ratings

5
0
1
0
2See all reviews

Developers

Storm Rockwell (Owner)2

Languages

Similar & Alternatives

Explore plugins with similar tags, and compare key metrics like downloads, ratings, updates, support, and WP/PHP compatibility.

No similar plugins found yet.
See more alternatives to Vulnerable Plugin Checker

Description

This plugin automatically checks installed plugins for known vulnerabilities utilizing WPScan’s API and provides optional email alerts.

Features:

  • Automatic vulnerability detection in plugins utilizing WPScan’s API
  • Optional email alerts
  • Utilizes WP Cron to check for new security updates twice a day
  • Cached API results to decrease backend load time significantly

Installation

Installation & Activation

  1. Upload the folder “vulnerable-plugin-checker” to your WordPress Plugins Directory (typically “/wp-content/plugins/”)
  2. Activate the plugin on your Plugins Page.
  3. Suggestion: Install an SMTP plugin such as WP Mail SMTP to prevent potentially dropped emails
  4. Done!

Enable Email Updates

  1. After activating “Vulnerable Plugin Checker”, go to Settings > VPC Settings
  2. Check off “Allow Email Alerts” and enter your email in “Email Address”
  3. Click Save Changes

Frequently Asked Questions

Installation Instructions

Installation & Activation

  1. Upload the folder “vulnerable-plugin-checker” to your WordPress Plugins Directory (typically “/wp-content/plugins/”)
  2. Activate the plugin on your Plugins Page.
  3. Suggestion: Install an SMTP plugin such as WP Mail SMTP to prevent potentially dropped emails
  4. Done!

Enable Email Updates

  1. After activating “Vulnerable Plugin Checker”, go to Settings > VPC Settings
  2. Check off “Allow Email Alerts” and enter your email in “Email Address”
  3. Click Save Changes

Review feed

Andrew Rockwell
9/3/2016

Great stuff

Instantly works after activation, I didn't have to do anything else to set it up. Apparently my Visual Composer was vulnerable, wouldn't have found out otherwise.
Storm Rockwell
12/9/2016

I love my plugin

I can say it has made me feel safer when hosting sites. I get alerted before a hack takes place as I have dealt with hacked sites for far too long. I haven't dealt with a hacked site running my plugin. Plugin vulnerabilities are the easiest way for a hacker to get into your site/server.

Screenshots

  1. Backend display of the Plugins page (plugins.php)

    Backend display of the Plugins page (plugins.php)

  2. Backend display of the VPC Settings page (Settings > VPC Settings)

    Backend display of the VPC Settings page (Settings > VPC Settings)

Changelog

0.3.12

  • Fixed false positive by adding normalizing to the version number in case WPScan’s API adds .0 to the version number

0.3.11

  • Now the plugins page only shows only vulnerabilities that affect the current plugin version (suggested by @gbotica)
  • Fixed the Settings URL in multiple places (reported by @gbotica)

0.3.10

  • Fixed bug where unpatched vulnerabilities were ignored (reported by @pluginvulnerabilities)

0.3.9

  • Fixed notice appearing on PHP7+

0.3.8

  • fixed bug where it wouldn’t display the saved email

0.3.7

  • removed sslverify on wp_remote_get

0.3.6

  • changed cURL to wp_remote_get
  • added vulnerabilities on plugin page
  • fixed issue with plugin not pulling from cache

0.3.5

  • fixed readme error

0.3.4

  • fixed minor email bug

0.3.2

  • changed language

0.3

  • Rewrote the plugin for better performance, readability, and more
  • Dismissable error message in all back-end pages if there is a vulnerability
  • Added SMTP suggestion to prevent dropped emails
  • Removed success notice from plugin page if there are no vulnerabilities
  • Fixed a few non-breaking bugs
  • Added translatable text and translator comments. Translation help is welcome!
  • Added todo.txt to see my plans for future updates.

0.2.4

  • Fixed conflicts with Gravity Forms

0.2.3

  • Added support for adding multiple email addresses

0.2.2

  • Fixed issue where text display appeared on multiple backend pages

0.2

  • Text display on the plugins page if there are no known vulnerabilities
  • Runs a scan when a new plugin is activated
  • Fixed issue when a plugin was deleted it would throw an error

0.1.4

  • WP 4.5 Support

0.1.3

  • Fixed issue when more than one plugin was found vulnerable on plugins.php
Back to plugins