WPScan Online
Some firewalls blocks vulnerability scanners. For get true positive results add wpscan.online IP addresses (208.76.253.232-208.76.253.239 or CIDR 208.76.253.232/29 ) to the whitelist
[scan_method]
Visibility:
Scan method:
Max Scan duration:

Latest Updates and Insights on WordPress Security

Explore updates on recent attacks, vulnerabilities, and best practices to keep your WordPress site safe and secure.

Threat Actors Weaponize WordPress Websites to Redirect Visitors to Malicious Websites

Threat Actors Weaponize WordPress Websites to Redirect Visitors to Malicious Websites Cybersecurity researchers have uncovered a sophisticated malware campaign targeting WordPress ...

WordPress GravityForms Plugin Hacked to Include Malicious Code

WordPress GravityForms Plugin Hacked to Include Malicious Code A sophisticated supply chain attack has compromised the official GravityForms WordPress plugin, ...

Critical WordPress Plugin Vulnerability Exposes 200k Websites to Site Takeover Attack

Critical WordPress Plugin Vulnerability Exposes 200k Websites to Site Takeover Attack A critical security vulnerability has been discovered in the SureForms WordPress plugin, ...

Hackers Use ClickFix Technique to Deploy NetSupport RAT via Compromised WordPress Sites

Hackers Use ClickFix Technique to Deploy NetSupport RAT via Compromised WordPress Sites Security researchers have uncovered a sophisticated cyberattack campaign leveraging compromised ...

Critical WordPress Plugin Vulnerability Exposes 600,000+ Sites to Remote Takeover

Critical WordPress Plugin Vulnerability Exposes 600,000+ Sites to Remote Takeover A severe arbitrary file deletion vulnerability has been discovered in the popular Forminator ...

Stealthy WordPress Malware Deliver Windows Trojan via PHP Backdoor

Stealthy WordPress Malware Deliver Windows Trojan via PHP Backdoor A sophisticated multi-stage malware campaign has been discovered targeting WordPress websites, ...

Sophisticated Malware Campaign Targets WordPress and WooCommerce Sites with Obfuscated Skimmers

Sophisticated Malware Campaign Targets WordPress and WooCommerce Sites with Obfuscated Skimmers A sophisticated malware campaign has emerged targeting WordPress and WooCommerce websites with ...

Dropping security updates for WordPress versions 4.1 through 4.6

As of July 2025, the WordPress Security Team will no longer provide security updates for ...