[wp-hackers] How to check a new plugin?

Patrick Laverty patrick_laverty at brown.edu
Mon Nov 22 17:56:56 UTC 2010


When you want to add a new plugin to your system, what do you do to check it
out for its safety and security on your blog?  I'm in charge of a ms
instance at a University and I get requests for plugins all the time,
especially for ones that are on version <1 or admit they're "alpha" or
"beta" versions.  I don't want to simply reject something because of its
label, but I'm not totally sure how to evaluate a new plugin.  Do any of you
put them on a test server and then point a vulnerability scanner at the new
plugin to see what happens?  Advice?

Thanks.

