Enterprise-strength WordPress protection for everyone

Be the first to know about vulnerabilities affecting your WordPress installation, plugins, and themes.

WPScan result example

Trusted by enterprise & small businesses

Kinsta
Go Daddy
Sonyo
Daimler
Accenture

A tiny plugin that timely reports vulnerable themes and plugins installed on your website. Effective and very easy to use - must have!

Exmi

Very helpful! It saves hours of work, and still it's pretty simple to use

Kenny Moore

Cataloging 28,701 WordPress Core, Plugin, and Theme Vulnerabilities

Continously updated by leading WordPress security professionals.

10 Years image

Collecting WordPress vulnerabilities for over 10 years

Dedicated team image

Dedicated team of WordPress security experts

Monitor web image

Continually monitoring the web for new vulnerabilities

Vulnerabilities counter image

Over 22,000 vulnerabilities in our database

For Enterprise & Small Businesses

Enterprise

  • Custom API requests per day*
  • Instant email alerts
  • Vulnerabilities details by ID
  • Latest API endpoints
  • Webhooks: Slack & HTTP
  • Description & PoC API data
  • CVSS Risk Scores

Business

For most sites, we recommend Jetpack Scan — the partner product of WPScan, by Automattic. It has all the power of WPScan with an easy-to-use interface.
  • Automated daily scanning
  • One-click fixes for most issues
  • Instant email notifications
  • Priority support

Researchers can use the CLI tool to make 75 API requests per day. Get started

*WPScan makes one API request for the WordPress version, one request per installed plugin, and one request per installed theme. Add these to calculate API requests of your site. View all FAQ