One way we help to improve the security of WordPress plugins, not just for customers of our service, but for everyone using them, is our proactive monitoring of changes made to plugins in the Plugin Directory to try to catch serious vulnerabilities. Through that we caught a PHP object injection vulnerability being introduced in to the plugin Essential Blocks, which has 100,000+ installs. That is yet another vulnerability in a plugin from WPDeveloper.

We now are also running all the code in the plugins used by our customers through that monitoring system on a weekly basis to provide additional protection for them. [Read more]