A day or so ago we released a new feature to Shield Security that highlights known plugin vulnerabilities within your WordPress admin dashboard.
Today we’re releasing another update checks all your plugins every day and you’ll receive an email outlining all vulnerable plugins that it finds.
How plugin vulnerability notification email works
The plugin installs a scheduled cron job that runs every morning. This cron task will review every currently installed plugin and test it against the database of existing known plugin vulnerabilities.
It will collate any and all plugins which are found to have security vulnerabilities and send an email to the registered email address for the plugin outlining the details of each plugin.
The notification email address will, by-default, be the WordPress blog admin email address, but this can be changed within the plugin. See the screenshot below:
There are no options for this new feature and it will run automatically without any need to take action on your part.
The feature is available with version 4.9.2 of the WordPress Simple Firewall plugin.