The first major WP Toolkit release in 2022 is v5.10.0, which is now officially available for Plesk! This release focuses on further improving the vulnerability scan feature, delivering bugfixes to customers, and laying out the groundwork for introduction of API in the product.
Site Vulnerability Scan: Support For Inactive Assets
The Site vulnerability scan for the WP Toolkit has been helping site administrators keep their sites secure for several months now. However, it was scanning only active plugins and themes, which could be a problem in some cases. If a site admin wanted to activate a previously inactive plugin, there was no way to check if this plugin was safe to activate (that is, if it contained known vulnerabilities).
To address this issue, WP Toolkit now also scans inactive plugins and themes. To help site admins correctly assess what needs to be addressed first, it’s now possible to filter out vulnerabilities based on whether they are found in active or inactive assets:
Since WP Toolkit sends out email notifications about found vulnerabilities, these emails now also include information about vulnerabilities found in inactive plugins and themes. These vulnerabilities are listed separately to make sure site admins can properly assess the urgency needed to address these vulnerabilities.
Link To PHP Version Change
If a WordPress site is using an outdated version of PHP that’s no longer supported by the vendor, WP Toolkit shows a warning for the site administrator. To help users fix this issue, a link to the PHP management menu was added to this warning message. This addresses a concern voiced by our partners, so we hope this small change will help their users stay up-to-date and secure.
One-Time Server Rescan
After the update to v5.10, the WP Toolkit will run a one-time server-wide scan on cPanel platform. This will allow us to manage WordPress installations added manually or through other management tools.
The team has been working on brainstorming and developing the basis for the fully-fledged WP Toolkit API. We’ve made a lot of exciting progress, but it’s too early to unveil these changes to the public. So keep an eye on this blog for updates!
Our next release aims to dramatically improve the usability of Smart Updates feature. Other improvements and bugfixes are also being considered, as usual. See you next time!