Recently a lot of people have been hit by a wordpress security vulnerability that was fixed with an hour of it being reported about a month ago. Why have they fallen prey to this vulnerability – because they failed to update to the latest version for one of many possible reasons:
- Laziness.
- They failed to notice the post on the dev blog in their wordpress dashboard.
- They failed to notice the number of people blogging about having upgraded.
- etc
To help alleviate this problem in the future I have crafted a simple wordpress plugin which takes a simple approach to get the users attention. Once activated the plugin checks an XML-RPC webservice for update news displaying a message at the top of every page in the wordpress admin user-interface. The plugin will check for an update to the message every 15 mins with an additional check being kicked off if the installed wordpress version changes so as to give instant feedback on upgrades.
The following images show three of the different responses returned by the current web-service and how they are displayed:
Response for 1.5.1.1
Response for 1.5.1.2
Response for 1.6-alpha-do-not-use
The plugin may be downloaded here: pjw_wp_version_monitor.php.0.75.zip
An updated version is now available see: http://blog.ftwr.co.uk/wordpress/wp-version-check/
Please leave any feedback and suggestions in the comments below.
Cool! Thank you. I’m looking forward to playing with it.
Pingback: WordPress Plugin: Version Check by Blogging Pro
Pingback: Blogging Pro China » Blog Archive » WordPress Plugin: Version Check
Pingback: WordPress Italy » Blog Archive » Plugin WordPress: Version Check
Cool idea. May I suggest to make the system massage a bit smaller? Less intrusive.
Pingback: WordPress » Blog Archive » Chacador de version
Pingback: Peter Westwood » wordpress 1.5.1.3 released
Pingback: What makes you happy ? » Check your version
Nice plugin! It’s a damned shame that it doesn’t work with the Tiger Style Admin CSS plugin though.
Any chance of giving some hints or tips on how to resolve this issue?
Dan – I haven’t Tested it with any of the alternative admin plugins that are available.
What doesn’t work? – I thought the css layout i used should be fairly safe against alternative admin css’s.
I will try and get it fixed in the next release 🙂