Flywheel’s Plugin Security Alerts provide site owners and organization members with critical security information via email when a vulnerable plugin is detected on one or more sites.
In addition, the Flywheel dashboard keeps track of plugin vulnerabilities so you can quickly manage and update outdated plugins that could put your site at risk.
Flywheel provides these alerts for free as part of our standard security package, however, we do not update plugins on your behalf by default. If you’d like us to take that off your plate, sign up for Managed Plugin Updates!
If a vulnerable plugin is detected on your site(s) during our nightly scans, you’ll receive an email that lists the sites with the plugin currently installed.
Clicking the site name will take you to the site’s dashboard on Flywheel, where you can learn more about the vulnerability and log in to your site to perform any recommended updates.
js_composer. The slug will often correspond to the plugin directory name.
The Plugins tab of the Flywheel dashboard includes information about outdated and compromised plugins. When a vulnerability is detected, you can hover over the shield icon for more details. Click the WP Admin button to quickly log into your site and run any necessary updates.
WordPress sites are most often compromised due to outdated plugins and themes. With Plugin Security Alerts, Flywheel notifies you when your site might be at risk so you can take swift action.
Flywheel scans for plugin vulnerabilities on a nightly basis, once every 24 hours. Keep in mind that plugin updates may be released by the plugin developer at any time, so if you encounter an at-risk plugin before Flywheel has had a chance to scan your site for the day, you can always check for updates manually from the plugins area of the site’s WP admin.
Flywheel will send an alert via email and update the site’s Plugins tab so you can perform updates as soon as possible.
If you have any questions or concerns about the plugin directly, we’d recommend reaching out to the plugin developer for more information.
It’s free and included in every Flywheel plan!
The site’s owner or all organization members, if the site is owned by an org.
The information is publicly available from WPScan. We cannot guarantee all vulnerabilities will be detected by the plugin researcher.
Sure can! With our Managed Plugin Updates Add-on, plugins on your sites can be updated as frequently as every day. That means any vulnerable plugin should be updated within 24 hours (as long as the plugin developer issues a fix). To learn more about MPU, click here.
If you have any questions our Happiness Engineers are here to help!
New to Flywheel? Start here, we've got all the information you'll need to get started and launch your first site!View all
Learn all about managing your Flywheel user account, Teams and integrations.View all
Everything about billing, invoices and payments can be found here.View all
Flywheel hosting plans include a ton of great features. Learn about how to get a free SSL certificate, set up a staging site, and more!View all
All the server and setting info you'll need to help you get the most out of your Flywheel hosting plan!View all
Tips and tricks for managing your sites on Flywheel, including going live, troubleshooting issues and migrating or cloning sites.View all
Learn how to connect, deploy, and more with SSH on Flywheel's platform.View all
Learn more about Growth Suite, our all-in-one solution for freelancers and agencies to grow more quickly and predictably.
Getting started with Growth Suite
Growth Suite: What are invoice statuses?
Growth Suite: What do client emails look like?
Learn more about Managed Plugin Updates, and how you can keep your sites up to date, and extra safe.
Managed Plugin Updates: Database upgrades
Managed Plugin Updates: Pause plugin updates
Managed Plugin Updates: Plugin Security Alerts