WPScan Online
Some firewalls blocks vulnerability scanners. For get true positive results add wpscan.online IP addresses (208.76.253.232-208.76.253.239 or CIDR 208.76.253.232/29 ) to the whitelist
[scan_method]
Visibility:
Scan method:
Max Scan duration:

Latest Updates and Insights on WordPress Security

Explore updates on recent attacks, vulnerabilities, and best practices to keep your WordPress site safe and secure.

New ShadowCaptcha Attack Exploiting Hundreds of WordPress Sites to Tricks Victims into Executing Malicious Commands

New ShadowCaptcha Attack Exploiting Hundreds of WordPress Sites to Tricks Victims into Executing Malicious Commands A sophisticated global cybercrime campaign dubbed “ShadowCaptcha” has emerged as a ...

ShadowCaptcha Exploits WordPress Sites to Spread Ransomware, Info Stealers, and Crypto Miners

A new large-scale campaign has been observed exploiting over 100 compromised WordPress sites to ...

Critical WordPress Plugin Vulnerability Exposes 70,000+ Sites to RCE Attacks

Critical WordPress Plugin Vulnerability Exposes 70,000+ Sites to RCE Attacks A critical security vulnerability has been discovered in the popular “Database for Contact ...

Huge Wave of Malicious Efimer Malicious Script Attack Users via WordPress Sites, Malicious Torrents, and Email

Huge Wave of Malicious Efimer Malicious Script Attack Users via WordPress Sites, Malicious Torrents, and Email A sophisticated malware campaign dubbed “Efimer” has emerged as a significant threat ...

Hackers Exploit Critical WordPress Theme Flaw to Hijack Sites via Remote Plugin Install

Threat actors are actively exploiting a critical security flaw in "Alone – Charity ...

WordPress Theme RCE Vulnerability Actively Exploited to Take Full Site Control

WordPress Theme RCE Vulnerability Actively Exploited to Take Full Site Control A critical remote code execution (RCE) vulnerability in the popular “Alone” ...

Stealthy Backdoor in WordPress Plugins Gives Attackers Persistent Access to Websites

Stealthy Backdoor in WordPress Plugins Gives Attackers Persistent Access to Websites A sophisticated WordPress malware campaign has been discovered operating through the rarely ...

Hackers Deploy Stealth Backdoor in WordPress Mu-Plugins to Maintain Admin Access

Cybersecurity researchers have uncovered a new stealthy backdoor concealed within the ...