WordPress is a free and open-source content management system (CMS) based on PHP and MySQL. As the most popular web publishing platform on the internet, It is a popular target for hackers and spammers. Most of the compromised wordpress sites being used for sending spam emails or hosting phishing contents, making server blacklisted globally.
Outdated wordpress versions are more often get compromised due to their known vulnerabilities/bugs. WP updates are crucial for the security and stability of site. We need to make sure that WordPress core, plugins, and theme are up to date. The first step in protecting WP is to update it to latest released version.
In shared hosting server, there may be hundreds of WP installations, we need to find out the websites/path that are using outdated versions. The below provided shell script will help us in searching for the same.
- SSH to your server and download the script
$ wget https://github.com/zaheerk89/wp-outdated/archive/master.zip
- Extract zip file and cd to “wp-outdated-installation-finder” directory
$ unzip master.zip
- Execute the bash script
$ bash wp-finder.sh
- Check the output file
$ cat /tmp/wp_outdated.txt
- Support for other popular CMS like Joomla, Drupal, Magento will be added soon
- If there is any bug or suggestion to improve this script, feel free to mail me at zaheeruddin[ at ]assistanz.com