Free instant scan
WPScan + NVD data
No signup required

Find vulnerable
plugins before
attackers do.

Paste any WordPress URL. Get a full plugin security report with CVE details and risk scores in seconds.

No signup / Public scan only / ~12 seconds
pluginaudit — scan
51,247
Known vulnerabilities in database
109,847
WordPress plugins indexed
~12s
Average scan time
Data sourced from
Sample report
example-agency-client.com D — 42/100
elementor3.16.0
1 critical
contact-form-75.7.2
1 medium
really-simple-ssl6.1.0
1 critical
jetpack12.9
secure
4 of 11 plugins shown. Scan your site free
What the scan covers

Plugin detection

Discovers installed plugins from HTML source, script tags, stylesheets, and readme files.

Version fingerprinting

Extracts exact versions from query strings, readme files, and asset URLs.

CVE matching

Cross-references each version against WPScan, NVD, and public vulnerability records.

Transparent scoring

Published methodology. Every deduction explained. No black boxes.

How it works
01

Paste a URL

Any public WordPress site. No login, no install, no API key needed.

02

Watch the scan

See every step in real-time as we detect plugins, check versions, and match vulnerabilities.

03

Fix what matters

Get a full report with CVE details, severity scores, and which version fixes each issue.

Transparent by default

Every score
is explainable.

No black-box algorithms. Every deduction in your risk score maps to a specific CVE, a specific plugin version, and a specific severity rating. Read the full methodology — it's public.

Open scoring formula

CVSS base scores weighted by exploitability and plugin popularity

Real-time CVE data

Database syncs every 2 hours from NVD and WPScan feeds

Version confidence levels

Each detection tagged as confirmed, likely, or suspected

Built for agencies
and consultants

Managing WordPress sites for clients means staying ahead of vulnerabilities — not finding out after a breach.

  • Monitor multiple client sites from one place
  • Get alerts when new CVEs affect your plugins
  • Export client-ready PDF reports
  • Track vulnerability trends across your portfolio

Simple, transparent pricing

Start free. Upgrade when you need continuous monitoring.

Starter
$15/mo
5 monitored sites
  • Daily automated scans
  • Email vulnerability alerts
  • Monitoring dashboard
  • Shareable reports
Monitor
$39/mo
25 monitored sites
  • Everything in Starter
  • Priority scanning
  • Faster scan intervals
  • Slack/webhook alerts
Agency
$99/mo
100 monitored sites
  • Everything in Monitor
  • White-label PDF reports
  • Client management
  • Dedicated support

See what's vulnerable
before it becomes an incident.

Full plugin security report in 15 seconds. No signup, no install.

Scan failed

← Scan another site
/ 100
WordPress - Theme: - Pages: -
0
Critical
0
High
0
Medium
0
Low