Be the first to know about new WordPress vulnerabilities
All vulnerabilities are manually entered into our database by dedicated WordPress security professionals.- We work with security researchers, vendors, and WordPress to triage vulnerabilities.
- Our vulnerability database is updated constantly as new information becomes available.
56Vulnerabilities added in December
37,609Total vulnerabilities in our database
Our WordPress security services
Free WordPress plugin
Get daily vulnerability scans, email reports, and report downloads with the WordPress plugin.
Get it now
CLI security scanner
Get the hackers’ point of view with a command line interface written for security professionals.
Get details
Versatile API
Tap directly into the vulnerability database API to get the latest WordPress vulnerabilities.
Get detailsSecurity Solutions For Everyone
Enterprise
WordPress protection with custom solutions for large enterprises.
- Custom pricing by number of sites
- Instant email alerts
- Vulnerabilities details by ID
- Latest API endpoints
- Webhooks: Slack & HTTP
- Description & PoC API data
- CVSS Risk Scores
Small Business
For most sites, we recommend Jetpack Protect — the partner product of WPScan, by Automattic. It has all the power of WPScan with an easy-to-use interface.
- Automated daily scanning
- Recommended fixes
Researchers can use the CLI tool to make 75 API requests per day. Get started
Trusted by enterprise & small businesses
“A tiny plugin that timely reports vulnerable themes and plugins installed on your website. Effective and very easy to use - must have!”
Exmi
“Very helpful! It saves hours of work, and still it's pretty simple to use”
Kenny Moore