Little vulnerabilities are usually more dangerous than the big ones, they go by unnoticed until they get taken advantage of. It’s easy to miss them, unless someone points them out to you very obviously. That’s now our job, with the new Vulnerability feature, you will be notified which plugins are vulnerable to security breaches and urged to get them updated as soon as possible.
Oh, and the best part, it’s completely free (we’ve absorbed the cost of the vulnerability database license and enabled this amazing feature for free on all your websites)!
This is a total game changer for your maintenance workflow – knowing that a website has a known vulnerability is hard to ignore. When you log in to your dashboard, you will be able to see which plugin is vulnerable, what the issue is, and on what websites this plugin is active, i.e. what websites can be affected by this vulnerability.
We look for a number of vulnerability updates and address issues like CSRF (Cross-Site Request Forgery), XSS (Cross-site scripting), RFI (Remote File Inclusion). That’s just to name a few. This way, we are able to detect the most recent security holes and notify you to act on the problem in a timely manner.
We highlight the updates that contain vulnerability fixes, and if you hover over them, you will see a tooltip telling you exactly where the vulnerability lies.
This means that on top of having 1-click updates, where with one glance at your dashboard you can update all of your latest plugins, you can now also safeguard your websites from unwanted intruders with the additional free Vulnerability Updates notifications.
Remember the best way to make sure your websites are secure is to keep them updated! Have a further look at how Orion keeps your website secure, and just know we are always on the look out to find new ways to secure your websites.
Soon you can expect the same for your WordPress themes and WordPress core, so you can track vulnerabilities there as well.
Chip
We need to be able to get email notification when a vulnerability is detected. A clear email notifications with proper subject “vulnerability detected… ” so they would not be missed or dismissed for regular daily email digests.
anthony
Things just keep getting better – thank you!
ian
Great idea – really happy you’ve added this feature.
filewatcher
Thank you for this service. I’m so happy with all the services you provide.
Donna McMaster
Thanks so much! I love how you take care of my clients and their websites. Helps me sleep at night. 🙂
Nevena Tomovic
Hey Donna, thank you, very glad to hear that! 🙂
ivycat
This is fantastic! So cool and amazingly useful.
Thanks Vladimir and ManageWP Team!
kevindenkers
This is a great addition to Orion. Thanks! Would it be possible to add this for themes as well?
Nevena Tomovic
Hey Kevin,
Yes we will add it for themes and WordPress core as well. Plugins are our starting point 🙂
Tom Townsend
Wow the team at ManageWP continues to go above and beyond in what they are providing with Orion. This new Vulnerabilities Update notification is a Game Changer for sure. We are so sure of the value this and other features provided by the NEW Orion product that we are branching off to help even more Business Minded folks discover the safety and security of WordPress. WP-ServiceManager will be launching soon – powered by ManageWP – Orion – Simply AWESOME.
GINGALLEY
Ditto as @brianjosephking.
GINGALLEY
Just seeing your message after refreshing @Vladimir. You can delete my comment. 😉
brianjosephking
Nice, thank you! Perhaps I can remove my email subscription from https://wpvulndb.com/ now! I do have a question though, several of my sites were showing the “Vulnerable” icon, however, when I look at the Plugin/theme updates in Orion nothing is showing as being vulnerable.
Any ideas?
Vladimir from ManageWP
We are still tweaking the data we’ve got today. By tomorrow it should work as expected.