Digital services provider dxw has launched MongooseWP.com: an email subscription service to alert website developers to security vulnerabilities in WordPress plugins.
dxw has found that over half of the plugins it has tested to date contain serious security vulnerabilities. The company delivers and hosts websites for the public sector and has developed in-depth knowledge of WordPress plugin security issues as part of its work. Of 825 plugins dxw has tested to date, 52% were found to contain security weaknesses.
In an effort to further improve information about insecure plugins, dxw is now proactively seeking out information about published vulnerabilities in WordPress plugins and is making that data available via its MongooseWP service. The service helps WordPress website owners to stay one step ahead of hackers by automatically alerting them if they’re using a plugin containing a published vulnerability.
Harry Metcalfe, MD of dxw, explains: “Before we use any WordPress plugin, we assess it carefully to ensure that it meets a basic standard of security. We often find that even quite popular plugins contain serious security weaknesses.”
The service as a concept has received positive feedback from the developer community and is now available via a monthly per site subscription at www.mongoosewp.com.
Metcalfe concludes: “Many plugins appear credible, with high star ratings and hundreds of thousands of downloads. Unfortunately, this is not a reliable way to assess security. If you’re operating a WordPress website which uses plugins, you need to be proactive. By giving your team the information they need to take action, MongooseWP can significantly reduce the chances you’ll be hacked - at minimal cost.
Visit www.mongoosewp.com for more information.
