WPScan
It's like having your own team of WordPress security experts.
With WPScan, you'll be the first to know about vulnerabilities affecting your WordPress installation, plugins, and themes.
Trusted by the world's biggest brands
“We know that there are others out there like Patchstack, but the sense of completeness and alerts for ALL relevant plugins, we never had a need to go crosscheck WPScan against anyone else.”
Brent Stackhouse, VP of Security, WP Engine
“One of our top priorities at Kinsta is security. WPScan is a valuable tool in our toolbelt providing a thorough and reliable WordPress vulnerability notification service.”
Daniel Pataki, CTO, Kinsta
Cataloging 43,518 WordPress Core, Plugin, and Theme Vulnerabilities
Continuously updated by leading WordPress security professionals.
Collecting WordPress vulnerabilities for over 10 years
Dedicated team of WordPress security experts
Continually monitoring the web for new vulnerabilities
Flexible API that streamlines your workflow
Security Solutions For Everyone
Enterprise
- Custom pricing by number of sites
- Instant email alerts
- Vulnerabilities details by ID
- Latest API endpoints
- Webhooks: Slack & HTTP
- Description & PoC API data
- CVSS Risk Scores
Small Business
- Automated daily scanning
- Recommended fixes
Researchers can use the CLI tool to make 25 API requests per day. Get started