On March, 11th an update of the popular plugin “WordPress SEO” was published because the previous version contains serious security vulnerabilities (CSRF and blind SQL injection).
During the day some people noted that Yoast didn’t use all possible channels to call attention to the situation.
I personally couldn’t understand the problem because I already had installed the new version before noon. How could this be?
I was called to attention by a mail I found in my Inbox:
Subject: WP Updates Notifier: Updates Available @ http://elektroelch.net
Date: Wed, 11 Mar 2015 11:57:23 +0000
From: WP Update Notifier
To: latz (at) elektroelch.net
There are updates available for your WordPress site:
Plugin: WordPress SEO is out of date. Please update from version 1.7.3.3 to 1.7.4
Details: https://wordpress.org/plugins/wordpress-seo/
Changelog: https://wordpress.org/plugins/wordpress-seo/changelog/
Compatibility: Compatibility with WordPress 4.1.1: 100% (according to its author)
Please visit http://pascal/wp40/wp-admin/update-core.php to update.
The mail was sent by “WP Update Notifier“. This plugin checks (in my case) every hour if there is an update for any installed or active plugin or theme. In case of an update a mail is sent to the admin. A simple click on the provided link and I can update my installation to the newest update. If I’m not sure if I really need the update or if I actually want to install it I can look at the ChangeLog link to check what has changed.
So, if you want to keep your WordPress installation up-to-date at any time and want to delegate the annoying work of constantly checking for new updates to your server you should consider to install this plugin.
Update: @wpseek pointed out that there is a plugin called “InifiniteWP” that is more suitable for large WordPress installation. Thanks!
Leave a Reply