WordPress Version Check

Recently a lot of people have been hit by a wordpress security vulnerability that was fixed with an hour of it being reported about a month ago. Why have they fallen prey to this vulnerability – because they failed to update to the latest version for one of many possible reasons:

  1. Laziness.
  2. They failed to notice the post on the dev blog in their wordpress dashboard.
  3. They failed to notice the number of people blogging about having upgraded.
  4. etc

To help alleviate this problem in the future I have crafted a simple wordpress plugin which takes a simple approach to get the users attention. Once activated the plugin checks an XML-RPC webservice for update news displaying a message at the top of every page in the wordpress admin user-interface. The plugin will check for an update to the message every 15 mins with an additional check being kicked off if the installed wordpress version changes so as to give instant feedback on upgrades.

The following images show three of the different responses returned by the current web-service and how they are displayed:

Response for 1.5.1.1
Response for 1.5.1.1

Response for 1.5.1.2
Response for 1.5.1.2

Response for 1.6-alpha-do-not-use
Response for 1.6-alpha-do-not-use

The plugin may be downloaded here: pjw_wp_version_monitor.php.0.75.zip
An updated version is now available see: http://blog.ftwr.co.uk/wordpress/wp-version-check/

Please leave any feedback and suggestions in the comments below.

27 thoughts on “WordPress Version Check

  1. westi

    Dan: I believe jwp is suggesting adding a z-index:1 to the css that is contained within the plugin code.
    e.g. Changing this:

    #pjw_update {
    position: absolute;
    top: 5px;
    margin: 0; padding: 0;
    right: 1.5em;
    font-size: 20px;
    }

    To this:

    #pjw_update {
    position: absolute;
    top: 5px;
    margin: 0; padding: 0;
    right: 1.5em;
    font-size: 20px;
    z-index:1;
    }

    in pjw_wp_version_monitor.php

    I am working on a better fix though and should have a updated version of the plugin available in the next few days.

  2. Pingback: Peter Westwood » Wordpress Version Check v0.80

  3. Pingback: Peter Westwood » Wordpress Version Check v0.90

  4. Pingback: Peter Westwood » Wordpress Version Check v0.91

  5. Pingback: Peter Westwood » Wordpress Version Check v1.0

  6. Pingback: follow the white rabbit » Retiring WordPress version check

Comments are closed.