What is the Vulnerability Scanner?
The Vulnerabilities Scanner is a part of the Scans & Integrity Zone. It is designed to regularly scan your list of the installed WordPress plugins and compare their current versions against a list of known plugin vulnerabilities.
What is a "known" plugin vulnerability?
A "known" vulnerability is one that has been publicly identified and is known to exist.
An "unknown" vulnerability is one that exists but is not publicly known.
What does this scanner not do?
This scanner will not detect the presence of security vulnerabilities in a plugin that are not "known".
What does this scanner do?
When a plugin is discovered that is known to contain a security vulnerability, the plugin will do 2x things:
- It will highlight the plugin on the plugins listing page on your WordPress admin
- It will send an email notifying you for the plugin
This scanner is enabled from within Scans & Integrity Zone. You can also set it to automatically apply updates to items with known vulnerabilities when an update becomes available.
You can run this scanner manually by using the Run manual scan option.
Vulnerable plugins will be displayed in the Scan Results.
The vulnerable plugin will be also highlighted on the plugins listing page on your WordPress admin. For example:
To learn more about this Vulnerability Scanner, read this blog article here.
Vulnerabilities email alert
Shield’s vulnerability scanner will normally alert you to the presence of vulnerabilities via the standard Report Alert feature.
However, you can be instantly alerted as soon as a vulnerability has been discovered by using Instant Alerts feature.
We also highly recommend you to read A Complete Guide To The Shield Security Scans here.
Note: ShieldPRO is required for this scanner. To find out what the extra ShieldPRO features are and how to purchase, please follow this link here.