[Resolved] How are plugins vetted?

Home Forums Support How are plugins vetted?

  • This topic has 7 replies, 3 voices, and was last updated 1 year ago by David.
Viewing 8 posts - 1 through 8 (of 8 total)
  • Author
    Posts
  • #990948
    Anonymous

    Hi there,

    Most of the themes use various plugins to provide additional functionality or to simplify the user experience.

    How are these reviewed and vetted?

    For example;

      Are the plugins tested including performance?
      Are the plugins reviewed and assessed from a security point of view?
      If there are vulnerabilities associated with the plugins are these removed?
      If there are plugins that have not been tested e.g. Menu Icons by ThemeIsle on a particular version of WordPress (even
      though it is the latest), is there any reason why these are bundled?
    #990956
    Leo
    Staff
    Customer Support

    Hi there,

    Each of these questions is depending on the individual plugins and GP has no control over how they are handled – you would need to check with plugin(s) support for more clarification.

    I’m not sure if WordPress has guideline for plugin testing – you’d need to check with WordPress support.

    GP itself doesn’t bundle with any other plugins unless you import sites from the library – we try to only choose plugins that we’ve had good experience with.

    Here is a little more information about GP itself which is displayed on the home page as well:
    https://www.screencast.com/t/dLd8IQrxN

    Hope this helps 🙂

    #990958
    Anonymous

    Thanks Leo.

    Most users (assumption) are likely to import the content and thus enable the bundled plugins. It would be valuable that these are tested and reviewed since users may assume that since GeneratePress is including these, they may be safe to use (which may not always be the case) especially from a security stance.

    #990961
    Leo
    Staff
    Customer Support

    Unfortunately we don’t have the ability to test other plugins this thoroughly – I think this is the same with any other themes.

    Thanks for the suggestions though 🙂

    #997617
    Anonymous

    Thanks Leo. What options are there to test the plugins from a security perspective using services other than other plugins?

    #997738
    David
    Staff
    Customer Support

    Worth reading this it covers this subject very well and provides some tools and info to help:

    https://devrix.com/tutorial/evaluate-wordpress-plugins-vulnerabilities/

    #998018
    Anonymous

    Thanks David.

    #998114
    David
    Staff
    Customer Support
Viewing 8 posts - 1 through 8 (of 8 total)
  • You must be logged in to reply to this topic.