A new measure has just been taken to substantially improve WordPress security and it may be really important. The WordPress Plugins Team has decided to roll out automatic security analyses for all plugin updates.
It is well known that plugins are a major entry point for bad actors into our WordPress sites and this measure will now strengthen security and improve development. The Plugin Check plugin now runs on every update on WordPress.org and automatically notifies plugin authors of any issue it finds.
Since October 27, Plugin Check not only runs when a new plugin is uploaded to the repository but also when a new one is submitted for review.
The improvement is so important, since it is vital for WordPress not to be perceived by the market as an insecure CMS, that the WordPress cofounder Matt Mullenweg said this improvement is “massive for the security of the web”. We must not forget that WordPress usage on the Internet is likewise massive.
David Pérez, a contributor sponsored by Hostinger, enabled this automation some time ago, which radically reduced manual approval work and significantly improved plugin publication times.
Automation and AI are playing a major role in this improvement, and they are also meant to make plugin creation easier and more accessible, so plugin submissions to the repository are expected to grow exponentially in the coming months or years. More information on Make WordPress.
* Original article written in Spanish, translated with AI and reviewed in English by Jorge Mediavilla.
Leave a Reply