這個外掛並未在最新的 3 個 WordPress 主要版本上進行測試。開發者可能不再對這個外掛進行維護或提供技術支援,並可能會與更新版本的 WordPress 產生使用上的相容性問題。

下載

Plugin Inspector

Gregory M 開發

外掛說明

The Plugin Inspector plugin is an easy way to check plugins installed on your WordPress and make sure that plugins do not use deprecated WordPress functions and some unsafe functions like eval, base64_decode, system, exec, etc. Some of those functions may be used to load malicious code (malware) from the external source directly to the site or WordPress database.

Features

  • Scans plugins for deprecated WordPress functions
  • Scans plugins for unsafe functions like eval, base64_decode, system, exec, etc.
  • Checks plugins to find vulnerabilities listed in WPScan Vulnerability Database
  • Beautiful source code viewer with highlighting

Plugin Inspector allows you to view all the deprecated functions complete with path, line number, deprecation function name, and the new recommended function to use. The checks are run through a simple admin page and all results are displayed at once. This is very handy for plugin developers or anybody who want to know more about installed plugins.

All code that uses the deprecated functions should be converted to use its replacement if one exists. Because deprecated functions are no longer supported may be removed from future versions of WordPress.

To check the theme files, please, use Theme Check plugin.

Another reliable plugins from trusted author

Protects site against brute force attacks. Restrict login by IP access lists. Limit login attempts. Comprehensive control of user activity.

Make your website instantly available in 90+ languages with Google Translate Widget. Add the power of Google automatic translations with one click.

螢幕擷圖

  • Plugin Inspector is scanning files and looking for deprecated and unsafe function
  • Beautiful source code viewer with highlighted issues

安裝方式

  1. Upload the Plugin Inspector folder to the plugins directory in your WordPress installation.
  2. Activate the plugin through the WordPress admin interface.

常見問題集

What PHP functions Plugin Inspector treats as unsafe?

Generally, most of those functions are safe, but under certain circumstances those functions may be used to hack site or to load and execute malicious code (malware). This list is not full and will be constantly updating. Any suggestions are welcome.

  • eval
  • system
  • base64_decode
  • shell_exec
  • exec
  • assert
  • passthru
  • pcntl_exec
  • proc_open
  • popen
  • dl
  • create_function
  • call_user_func
  • call_user_func_array
  • file_get_contents
  • socket_create
  • curl_exec
  • wp_remote_request
  • wp_remote_get
  • wp_remote_post
  • wp_safe_remote_post
  • wp_remote_head

使用者評論

Awesome Plugin for Anyone Interested in WP Security

2018 年 1 月 31 日 2 則留言
I am a fan of the Plugin Inspector plugin. One of the things that I read on the site of our firewall provider was to check the code of our plugins one by one. This plugin helped me a lot to achive that faster. Whith these data I even could made a risk analisys of our plugins. That helped us decide to stop using a plugin that seemed too vulnerable compared to others. Later we found out it was cataloged as unsafe by JetPack, Accunetix and many others. Making a risk analysis is time consuming but worth it. That's why I want to request the developers to consider this feature request: The idea is to present a risk score in the plugin list that would for example be calculated like this: Risk Score: Number of Low risk findings + 5* Number of Medium Risk Findings + 10* Number of High Risk Findings + 10* Number of Deprecated Findings That and a way to order the list based on the score, which would easily make it clear which one of your plugins you should start inspecting right away or look for alternatives. Cheers

Perfect plugin for plugin developers

2017 年 8 月 12 日 1 則留言
This is perfect for plugins developers, I love it! Easy to use and scans fast the plugins. I like that you can scan one plugin at a time, other plugins like this were scanning all plugins at the same time. And you can click on the warning and you are taken to the source file! Thanks for this very useful plugin!

cool

2016 年 9 月 3 日
A Supervisor for all other plugins!

Beautiful

2016 年 9 月 3 日 1 則留言
Every plugin developer should be using this. Thankyou Gioni.

Nice Plugin

2016 年 9 月 3 日 1 則留言
Thank you very much for developing this plugin and keeping it up-to date. Thankful to your efforts and time.
閱讀全部 10 則使用者評論

參與者及開發者

以下人員參與了開源軟體〈Plugin Inspector〉的開發相關工作。

參與者

將〈Plugin Inspector〉外掛本地化為台灣繁體中文版

對開發相關資訊感興趣?

任何人均可瀏覽程式碼、查看 SVN 存放庫,或透過 RSS 訂閱開發記錄

變更記錄

1.5

  • Added cool and convenient code viewer to view found issues in the PHP code.
  • Code optimization

1.0

  • Initial version

中繼資料

評分

檢視全部
登入以提交評論

參與者

技術支援

使用者可在技術支援論壇提出意見反應或使用問題。

檢視技術支援論壇

贊助

想要支援這個外掛的發展嗎?

贊助這個外掛