WordPress Version Check

Recently a lot of people have been hit by a wordpress security vulnerability that was fixed with an hour of it being reported about a month ago. Why have they fallen prey to this vulnerability – because they failed to update to the latest version for one of many possible reasons:

  1. Laziness.
  2. They failed to notice the post on the dev blog in their wordpress dashboard.
  3. They failed to notice the number of people blogging about having upgraded.
  4. etc

To help alleviate this problem in the future I have crafted a simple wordpress plugin which takes a simple approach to get the users attention. Once activated the plugin checks an XML-RPC webservice for update news displaying a message at the top of every page in the wordpress admin user-interface. The plugin will check for an update to the message every 15 mins with an additional check being kicked off if the installed wordpress version changes so as to give instant feedback on upgrades.

The following images show three of the different responses returned by the current web-service and how they are displayed:

Response for 1.5.1.1
Response for 1.5.1.1

Response for 1.5.1.2
Response for 1.5.1.2

Response for 1.6-alpha-do-not-use
Response for 1.6-alpha-do-not-use

The plugin may be downloaded here: pjw_wp_version_monitor.php.0.75.zip
An updated version is now available see: http://blog.ftwr.co.uk/wordpress/wp-version-check/

Please leave any feedback and suggestions in the comments below.

27 Responses to “WordPress Version Check”

  1. westi says:

    Dan: I believe jwp is suggesting adding a z-index:1 to the css that is contained within the plugin code.
    e.g. Changing this:

    #pjw_update {
    position: absolute;
    top: 5px;
    margin: 0; padding: 0;
    right: 1.5em;
    font-size: 20px;
    }

    To this:

    #pjw_update {
    position: absolute;
    top: 5px;
    margin: 0; padding: 0;
    right: 1.5em;
    font-size: 20px;
    z-index:1;
    }

    in pjw_wp_version_monitor.php

    I am working on a better fix though and should have a updated version of the plugin available in the next few days.

  2. [...] WordPress Version Check v0.80 is now available. Upgrade is recommended especially if you are using the Tiger Admin UI as you will now be able to see the plugin’s messages much easier. The changes for the Tiger Admin UI have been tested with v1.3 of the Tiger Admin UI plugin. [...]

  3. torbjon says:

    Word press is the good system

  4. [...] WordPress Version Check v0.90 is now available. [...]

  5. [...] WordPress Version Check v0.91 is now available. [...]

  6. [...] WordPress Version Check v1.00 is now available. [...]

  7. [...] I was reminiscing today on what the world was like when I released my WordPress version check plugin back in 2005. [...]



d
go to dashboard
l
go to login
h
show/hide help
e
edit post/page
r
comment on post/page
m
go to moderate comments
esc
cancel
%d bloggers like this: