Terms of Service

Last updated: March 19, 2026

Agreement

Accepting these terms

By accessing pluginaudit.io or using the PluginAudit scanner ("we," "us," "our"), you agree to be bound by these Terms of Service and our Privacy Policy. If you do not agree to all of these terms, do not use the service.

These terms, together with our Privacy Policy, constitute the entire agreement between you and PluginAudit with respect to your use of the service.

The Service

What PluginAudit provides

PluginAudit is a security scanning tool that detects installed WordPress plugins on publicly accessible websites and checks detected plugin versions against a database of known vulnerabilities (CVEs). The service provides free one-time scans and paid monitoring subscriptions with daily automated scanning and email alerts.

You are solely responsible for independently verifying any security findings before taking action. PluginAudit is a monitoring tool, not a security remediation service, penetration testing provider, or security consultant.

Disclaimer of Warranties

The service is provided "as is"

We do not warrant that the service will detect all vulnerabilities, that scan results will be error-free, or that the service will be uninterrupted. Vulnerability databases may have gaps, plugins may obscure their version numbers, and websites may block or alter scanning requests. These limitations are inherent to the technology and do not constitute a breach of these terms.

Subscriptions and Billing

Plans and pricing

PluginAudit offers the following subscription tiers:

  • Starter — $15/month. 5 monitored sites, daily scans, email alerts.
  • Monitor — $39/month. 25 monitored sites, priority scanning, Slack/webhook alerts.
  • Agency — $99/month. 100 sites, white-label PDF reports, client management.

Billing recurs automatically on a monthly basis. Payments are processed by Stripe. PluginAudit does not store your payment card information.

Cancellation

You may cancel your subscription at any time. Cancellation takes effect at the end of your current paid billing period. You retain access through that period.

Refunds

All fees are non-refundable once charged, except as explicitly provided elsewhere in these terms. If you believe there is a billing error, contact us within 14 days of the charge. Termination by PluginAudit without cause entitles you to a prorated refund as described in the Termination section.

Free Scan Terms

Use of the free scanner

The free scanner is provided at no cost and requires no account. Free scans are rate-limited to 5 per day per IP address. We reserve the right to modify, restrict, or discontinue the free scanner at any time without notice.

Free scan results are generated for the URL you submit. By submitting a URL, you represent that you have a legitimate reason to check the security posture of that site (e.g., you own it, manage it, or are evaluating it for a business relationship). You agree not to use the scanner for malicious purposes, including reconnaissance for attacks.

Acceptable Use

Permitted and prohibited conduct

You agree not to:

  • Use PluginAudit to gather information for the purpose of attacking, exploiting, or compromising any website
  • Use automated tools to circumvent rate limits or abuse the scanning infrastructure
  • Resell, redistribute, or commercially exploit scan results or the service to third parties without a subscription
  • Attempt to reverse-engineer, copy, or replicate the service for competitive purposes
  • Submit URLs to the scanner with the intent to harass, intimidate, or threaten site owners
  • Use the service in any manner that violates applicable law

We reserve the right to suspend or terminate your access immediately if we determine you have violated any of these terms.

Intellectual Property

What we own

The PluginAudit name, website, software, report formatting, and all other original elements of the service are the exclusive property of PluginAudit and are protected by applicable intellectual property law.

Underlying vulnerability data sourced from public CVE databases and WPScan is not owned by PluginAudit. However, our selection, analysis, presentation, and risk scoring of that data constitute original work.

Service Availability

Uptime and scanning expectations

We make commercially reasonable efforts to keep the scanner and monitoring service available. Availability may be affected by factors outside our control, including third-party service outages, target website configuration changes, or vulnerability database delays.

PluginAudit shall not be liable for any failure or delay caused by circumstances beyond our reasonable control, including infrastructure outages, third-party API changes, or force majeure events. Such events do not constitute a breach of these terms.

Limitation of Liability

Cap on our liability to you

In no event shall PluginAudit's total aggregate liability exceed the total fees you paid to PluginAudit in the three (3) calendar months immediately preceding the event giving rise to the claim. For free scan users who have paid nothing, our maximum liability is zero dollars ($0).

Indemnification

Your obligation to defend us

You agree to indemnify, defend, and hold harmless PluginAudit and its owners, officers, employees, and agents from and against any claims, liabilities, damages, losses, costs, and expenses (including reasonable attorneys' fees) arising out of or connected with:

  • Your use of the service or scan results
  • Your violation of these Terms of Service
  • Your violation of any applicable law
  • Any action you take or fail to take based on scan results
  • Any dispute between you and a third party related to your use of the service

Dispute Resolution

How we handle disagreements

Before initiating any formal legal proceeding, you agree to contact PluginAudit at scan@pluginaudit.io and give us no less than 30 days to resolve the dispute informally.

Class action waiver

You agree that any dispute will be resolved on an individual basis only. You waive any right to bring or participate in any class action, collective action, or representative proceeding against PluginAudit.

Governing law and venue

These terms are governed by the laws of the State of North Carolina, without regard to its conflict of law principles. Any legal proceeding shall be brought exclusively in the state or federal courts located in North Carolina.

Termination

Our right to end the relationship

We reserve the right to suspend or terminate your access immediately and without notice if we determine that you have violated these terms. We may also terminate your subscription without cause by providing at least 7 days' written notice. In the event of termination without cause, we will refund fees covering the unused portion of your current billing period.

You may terminate your subscription at any time as described in the Cancellation section above.

Modifications

Changes to these terms

We may update these Terms of Service from time to time. The date at the top of this page reflects the most recent revision. For material changes, we will notify active subscribers by email at least 14 days before the changes take effect. Continued use of the service after the effective date constitutes acceptance of the revised terms.

Miscellaneous

General legal provisions

Severability. If any provision of these terms is found unenforceable, the remaining provisions continue in full force. The unenforceable provision will be modified to the minimum extent necessary to make it enforceable.

No waiver. Our failure to enforce any right or provision shall not constitute a waiver of that right or provision.

Assignment. You may not assign your rights under these terms without our written consent. We may assign freely, including in connection with a merger, acquisition, or sale of assets.

Entire agreement. These terms and our Privacy Policy constitute the complete agreement between you and PluginAudit regarding the service.

Contact

Questions about these terms

scan@pluginaudit.io