Plugins inspections and reviews
To make sure that the sites we build and the plugins they rely on are secure we regularly carry out plugin reviews and publish our findings.
WordPress security advisories, audit and assurance
We undertake a significant quantity of assurance work, to ensure that the sites we build and the plugins they rely on are secure. We publish information about that work on this site.
Recent plugin recommendations
Search & Filter Pro
Search & Filter Pro is a simple search and filtering plugin for WordPress – it is an advancement of the WordPress search box.
3.1.8 - Use with caution
Search & Filter
Search & Filter is a simple search and filtering plugin for WordPress – it is an advancement of the WordPress search box.
1.2.18 - No issues found
Alt Text AI – Automatically generate image alt text for SEO and accessibility
AltText.ai automatically generates alt text for your images.
1.10.14 - Use with caution
Signature for Gravity Form
Signature for Gravity Forms Addon enhances the functionality of Gravity Forms by adding a new custom field where users can capture signature and submit it as part of a form. The captured image is uploaded directly to your WordPress server, allowing for seamless integration with existing form submissions.
1.0 - Use with caution
ACF YouTube Picker
Search and select videos on YouTube without leaving the page.
3.1.0 - Use with caution
Recent advisories
CSRF in MapSVG Lite could allow an attacker to do almost anything an admin can
Severity: Medium
ACE via file inclusion in Redirection allows admins to execute any PHP file in the filesystem
Severity: High
CSRF in Tooltipy (tooltips for WP) could allow anybody to duplicate posts
Severity: Medium
Reflected XSS in Tooltipy (tooltips for WP) could allow anybody to do almost anything an admin can
Severity: Medium
Unserialization vulnerability in Redirection could allow admin to execute arbitrary code in some circumstances
Severity: High