WordPress is popular for a reason, it is feature filled, secure, and flexible. Moreover, almost every WordPress user makes use of different plugins to enhance and protect the WordPress site. In fact, it is one of the first things to after installing WordPress. As useful as the plugins are, they not only make your site flexible but also makes your site a subject of the plugin vulnerabilities.
These vulnerabilities in the installed plugins can lead to hacked sites, data loss, etc. So it is the responsibility of every WordPress admin to keep their site secure and safe.
One way to keep your WordPress site secure is to keep it up to date and keep track of the site activities and changes. Taking it one step further, here is how to receive email notifications of security vulnerabilities in installed plugins on your WordPress website so that you can update them as soon as possible.
Plugin Vulnerability Email Notifications
To receive email notifications of security vulnerabilities in installed plugins on your WordPress site, you need to install the plugin, Plugin Vulnerabilities. So, install the plugin like any other WordPress plugin and once installed, activate it by click on the link “Activate Plugin.”
Once activated, the plugin automatically scans for vulnerable plugins and if it finds any vulnerable plugin(s), it will show you an alert message just under the plugin information in the Installed Plugins page.
By default, the email notifications about vulnerable plugins setting is disabled. To change that, open the plugin settings page by navigating to “Plugins” and then “Plugin Vulnerabilities.”
In the settings page, the plugin will show you all the plugins with existing vulnerabilities and known vulnerabilities in past versions of the installed plugins.
Just under that, select the option “Enabled” from the drop-down menu and click on the button “Save Changes” to save the changes.
That’s all there is to do. From this point forward, you will receive email notifications whenever a plugin that you installed is vulnerable to known security flaws.
What to Do If a Plugin Is Vulnerable
When you get an email notification or if you know that the installed plugin is vulnerable to known attacks. The first thing to do is see if the plugin developer has released an update to fix the problem. If there is an update then apply the update as soon as possible.
If there is no update available, then deactivate and delete the plugin for the time being. If the plugin functionality is important to your site, then look for an alternative plugin that meets your requirements. But never use a vulnerable plugin as it might compromise your WordPress site.
That’s all for now and if you have disabled the automatic updates then this plugin is really help as it will send you a simple and quick email notification so that you can quickly update the vulnerable version. If you like this article then do learn how o further secure the WordPress admin area.
Do comment below sharing your thoughts and experiences about using the above plugin to receive email notifications of security vulnerabilities in installed plugins in WordPress.