Little vulnerabilities are usually more dangerous than the big ones, they go by unnoticed until they get taken advantage of. It’s easy to miss them, unless someone points them out to you very obviously. That’s now our job, with the new Vulnerability feature, you will be notified which plugins are vulnerable to security breaches and urged to get them updated as soon as possible.
We’ve partnered with the fantastic team behind the WPScan Vulnerability Database to bring you the real time information about what plugins are vulnerable so you can act accordingly. Oh, and the best part, it’s completely free (we’ve absorbing the cost of the vulnerability database license and enabling this amazing feature for free on all your websites)!
This is a total game changer for your maintenance workflow – knowing that a website has a known vulnerability is hard to ignore. When you log in to your dashboard, you will be able to see which plugin is vulnerable, what the issue is, and on what websites this plugin is active, i.e. what websites can be affected by this vulnerability.
We look for a number of vulnerability updates and address issues like CSRF (Cross-Site Request Forgery), XSS (Cross-site scripting), RFI (Remote File Inclusion). That’s just to name a few. This way we are able to detect the most recent security holes and notify you to act on the problem in a timely manner.
We highlight the updates that contain vulnerability fixes, and if you hover over them, you will see a tooltip telling you exactly where the vulnerability lies.
This means that on top of having 1-click updates, where with one glance at your dashboard you can update all of your latest plugins, you can now also safeguard your websites from unwanted intruders with the additional free Vulnerability Updates notifications.
Remember the best way to make sure your websites are secure is to keep them updated! Have a further look at how Orion keeps your website secure, and just know we are always on the look out to find new ways to secure your websites.
Soon you can expect the same for your WordPress themes and WordPress core, so you can track vulnerabilities there as well.