No software is perfect. Hackers will always try to break it. Same is true in case of WordPress, its plugins & themes. The updates & patches are constantly released to safeguard. WordPress is a great CMS and 40% of the sites on the internet are powered by WordPress. This also includes eCommerce sites. While you are using a great WordPress CMS, how do you ensure you get notified about possible WordPress vulnerabilities in advance?
There could be a new malware, a vulnerability detected in WordPress core or a plugin/theme that you are using (planning to use).
WordPress does periodic security releases and it also publish about the same on its blog. It is recommended that one shall subscribe to their blog. Besides, security services such as Sucuri & WordFence are constantly monitoring and publishing about any vulnerabilities and one can subscribe to its newsletters too to get notified in advance or on time.
- WordPress blog – https://wordpress.org/news/ (look for ‘Subscribe to WordPress News’ widget in the right sidebar)
- WordFence – https://www.wordfence.com/subscribe-to-the-wordfence-email-list/
- Sucuri – https://info.sucuri.net/subscribe-to-security
If you know any other ways how you stay abreast with security updates please feel free to drop in comments.
Note: This article is an inspiration from the support ticket raised here recently.