Plugin Inspector reveals security issues with other plugins
Want to know more about plugins you have installed on your blog?
The Plugin Inspector plugin is an easy way to check plugins installed on your WordPress and make sure that plugins do not use deprecated WordPress functions and some unsafe functions like eval, base64_decode, system, exec, etc. Some of those functions may be used to load malicious code (malware) from the external source directly to the site or WordPress database.
- Scans plugins for deprecated WordPress functions
- Scans plugins for unsafe functions like eval, base64_decode, system, exec, etc.
- Checks plugins to find vulnerabilities listed in WPScan Vulnerability Database
- Beautiful source code viewer with highlighting
Plugin Inspector allows you to view all the deprecated functions complete with path, line number, deprecation function name, and the new recommended function to use. The checks are run through a simple admin page and all results are displayed at once. This is very handy for plugin developers or anybody who want to know more about installed plugins.
All code that uses the deprecated functions should be converted to use its replacement if one exists. Because deprecated functions are no longer supported and may be removed from future versions of WordPress.Download Plugin Inspector from WordPress.org
Last posts from WordPress security blog
- Development version 7.6.1 September 4, 2018
- WP Cerber Security 7.6 August 31, 2018
- Get WordPress protected: rename the plugins folder August 27, 2018
- Development version 7.5.2 August 24, 2018
- WP Cerber Security 7.5 August 20, 2018