WPScan Online
Some firewalls blocks vulnerability scanners. For get true positive results add wpscan.online IP addresses (208.76.253.232-208.76.253.239 or CIDR 208.76.253.232/29 ) to the whitelist
[scan_method]
Visibility:
Scan method:
Max Scan duration:

Latest Updates and Insights on WordPress Security

Explore updates on recent attacks, vulnerabilities, and best practices to keep your WordPress site safe and secure.

AI Engine WordPress Plugin Exposes 100,000 WordPress Sites to Privilege Escalation Attacks

05 November 2025
AI Engine WordPress Plugin Exposes 100,000 WordPress Sites to Privilege Escalation Attacks A critical security vulnerability in the AI Engine WordPress plugin has put more than 100,000 ...

WordPress Post SMTP Plugin Vulnerability Exposes 400,000 Websites to Account Takeover Attacks

05 November 2025
WordPress Post SMTP Plugin Vulnerability Exposes 400,000 Websites to Account Takeover Attacks A critical security flaw in the WordPress Post SMTP plugin has left more than 400,000 websites ...

WordPress Plugin Vulnerability Exposes 7 Million Sites to XSS Attack

29 October 2025
WordPress Plugin Vulnerability Exposes 7 Million Sites to XSS Attack A critical cross-site scripting (XSS) vulnerability has been discovered in the popular LiteSpeed ...

Hackers Actively Exploiting WordPress Arbitrary Installation Vulnerabilities in The Wild

27 October 2025
Hackers Actively Exploiting WordPress Arbitrary Installation Vulnerabilities in The Wild Threat actors have launched a significant mass exploitation campaign targeting critical ...

Hackers Abuse Blockchain Smart Contracts to Spread Malware via Infected WordPress Sites

16 October 2025
A financially motivated threat actor codenamed UNC5142 has been observed abusing blockchain ...

Hackers Actively Exploiting WordPress Plugin Vulnerability to Gain Admin Access

09 October 2025
Hackers Actively Exploiting WordPress Plugin Vulnerability to Gain Admin Access Over the past two months, threat actors have weaponized a critical authentication bypass flaw in ...

Critical Exploit Lets Hackers Bypass Authentication in WordPress Service Finder Theme

09 October 2025
Threat actors are actively exploiting a critical security flaw impacting the Service Finder ...

Hackers Exploit WordPress Sites to Power Next-Gen ClickFix Phishing Attacks

08 October 2025
Cybersecurity researchers are calling attention to a nefarious campaign targeting WordPress ...
Latest Updates and Insights on WordPress Security »