Every day we check WordPress core, themes, and plugins to determine if they contain any known security vulnerabilities. We utilize the WPScan Vulnerability Database for these scans to insure we are using up to date and accurate information.
What happens if a vulnerable plugin is discovered on my site?
We will start by performing an update for the plugin if one is available. If the plugin cannot be updated, we will notify you so you can plan accordingly and make arrangements to ensure the plugin can be updated. If we cannot work with you to get an updated version of the plugin, the plugin will be deleted to ensure the security of the affected site.
What happens if a vulnerable theme is discovered on my site?
As with plugins, we will attempt to update the theme if an update is available. If the theme is not currently active and no updates are available, the theme will be deleted to ensure the security of the affected site.
If the site's active theme contains a known security vulnerability and no update is available, we will reach out to you to let you know so you can plan accordingly.
What happens if a WordPress core vulnerability is discovered on my site?
We will immediately update your WordPress installation to the latest available version. However this type of situation is rare, since we automatically update WordPress core relatively quickly as each version
Have additional questions or feedback on this article? Contact Support.