What is the Vulnerabilities Scanner?
The Vulnerabilities Scanner is a part of the Hack Guard module. It is designed to regularly scan your list of the installed WordPress plugins and compare their current versions against a list of known plugin vulnerabilities.
What is a "known" plugin vulnerability?
A "known" vulnerability is one that has been publicly identified and is known to exist.
An "unknown" vulnerability is one that exists but is not publicly known.
What does this scanner not do?
This scanner will not detect the presence of security vulnerabilities in a plugin that are not "known".
What does this scanner do?
When a plugin is discovered that is known to contain a security vulnerability, the plugin will do 2x things:
- It will highlight the plugin on the plugins listing page on your WordPress admin
- It will send an email once per day (when the cron runs) notifying you for the plugin
This scanner is enabled from within Hack Guard module. You can also set it to automatically apply updates to items with known vulnerabilities when an update becomes available.
You can run this scanner from within main menu > Scans section > Run Scan. Vulnerable plugins will be displayed in the Scan Results, for example:
The vulnerable plugin will be also highlighted on the plugins listing page on your WordPress admin. For example:
We also highly recommend you to read A Complete Guide To The Shield Security Scans here.
Note: ShieldPRO is required for this scanner. To find out what the extra ShieldPRO features are and how to purchase, please follow this link here.