WPScan Online
Some firewalls blocks vulnerability scanners. For get true positive results add wpscan.online IP addresses (208.76.253.232-208.76.253.239 or CIDR 208.76.253.232/29 ) to the whitelist
[scan_method]
Visibility:
Scan method:
Max Scan duration:

Latest Updates and Insights on WordPress Security

Explore updates on recent attacks, vulnerabilities, and best practices to keep your WordPress site safe and secure.

Threat Actors Weaponize WordPress Websites to Redirect Visitors to Malicious Websites

16 July 2025
Threat Actors Weaponize WordPress Websites to Redirect Visitors to Malicious Websites Cybersecurity researchers have uncovered a sophisticated malware campaign targeting WordPress ...

WordPress GravityForms Plugin Hacked to Include Malicious Code

12 July 2025
WordPress GravityForms Plugin Hacked to Include Malicious Code A sophisticated supply chain attack has compromised the official GravityForms WordPress plugin, ...

Critical WordPress Plugin Vulnerability Exposes 200k Websites to Site Takeover Attack

11 July 2025
Critical WordPress Plugin Vulnerability Exposes 200k Websites to Site Takeover Attack A critical security vulnerability has been discovered in the SureForms WordPress plugin, ...

Hackers Use ClickFix Technique to Deploy NetSupport RAT via Compromised WordPress Sites

08 July 2025
Hackers Use ClickFix Technique to Deploy NetSupport RAT via Compromised WordPress Sites Security researchers have uncovered a sophisticated cyberattack campaign leveraging compromised ...

Critical WordPress Plugin Vulnerability Exposes 600,000+ Sites to Remote Takeover

02 July 2025
Critical WordPress Plugin Vulnerability Exposes 600,000+ Sites to Remote Takeover A severe arbitrary file deletion vulnerability has been discovered in the popular Forminator ...

Stealthy WordPress Malware Deliver Windows Trojan via PHP Backdoor

01 July 2025
Stealthy WordPress Malware Deliver Windows Trojan via PHP Backdoor A sophisticated multi-stage malware campaign has been discovered targeting WordPress websites, ...

Sophisticated Malware Campaign Targets WordPress and WooCommerce Sites with Obfuscated Skimmers

24 June 2025
Sophisticated Malware Campaign Targets WordPress and WooCommerce Sites with Obfuscated Skimmers A sophisticated malware campaign has emerged targeting WordPress and WooCommerce websites with ...

Dropping security updates for WordPress versions 4.1 through 4.6

19 June 2025
As of July 2025, the WordPress Security Team will no longer provide security updates for ...
Latest Updates and Insights on WordPress Security »