How do you vet / audit Plugins and Themes for securing your sites?

Hi all,

I’m seeking some advice on how you ensure the security of your WordPress plugins and themes?

This is my first job as a WordPress dev at a university and my boss is asking about how we would be able to prove certain useful plugins are secure to the higher-ups.

What are your thoughts and experiences on:

1. What tools or methods do you use to audit the security of a plugin or theme before using it or after installing it?

2. How do you handle plugin / theme updates over time to make sure they are still secure (like there aren’t malicious requests being made)?

Any advice would be greatly appreciated. Thanks for your help!

1 Comment
  1. You can check plugins vulnerability using many tools.

    The one I use is this:

    [https://www.wordfence.com/threat-intel/vulnerabilities/wordpress-plugins/])

    Do not use nulled plugins or themes as they contain backdoors.

 

This site will teach you how to build a WordPress website for beginners. We will cover everything from installing WordPress to adding pages, posts, and images to your site. You will learn how to customize your site with themes and plugins, as well as how to market your site online.

Buy WordPress Transfer