WPScan Online
Some firewalls blocks vulnerability scanners. For get true positive results add wpscan.online IP addresses (208.76.253.232-208.76.253.239 or CIDR 208.76.253.232/29 ) to the whitelist
[scan_method]
Visibility:
Scan method:
Max Scan duration:

Latest Updates and Insights on WordPress Security

Explore updates on recent attacks, vulnerabilities, and best practices to keep your WordPress site safe and secure.

Critical WordPress Plugin Vulnerability Exposes 600,000+ Sites to Remote Takeover

Critical WordPress Plugin Vulnerability Exposes 600,000+ Sites to Remote Takeover A severe arbitrary file deletion vulnerability has been discovered in the popular Forminator ...

Stealthy WordPress Malware Deliver Windows Trojan via PHP Backdoor

Stealthy WordPress Malware Deliver Windows Trojan via PHP Backdoor A sophisticated multi-stage malware campaign has been discovered targeting WordPress websites, ...

Sophisticated Malware Campaign Targets WordPress and WooCommerce Sites with Obfuscated Skimmers

Sophisticated Malware Campaign Targets WordPress and WooCommerce Sites with Obfuscated Skimmers A sophisticated malware campaign has emerged targeting WordPress and WooCommerce websites with ...

Dropping security updates for WordPress versions 4.1 through 4.6

As of July 2025, the WordPress Security Team will no longer provide security updates for ...

Hundreds of WordPress Websites Hacked By VexTrio Viper Group to Run Massive TDS Services

Hundreds of WordPress Websites Hacked By VexTrio Viper Group to Run Massive TDS Services A sophisticated cybercriminal enterprise known as VexTrio has orchestrated one of the most ...

WordPress Sites Turned Weapon: How VexTrio and Affiliates Run a Global Scam Network

The threat actors behind the VexTrio Viper Traffic Distribution Service (TDS) have been linked ...

WordPress Admins Beware! Fake Cache Plugin that Steals Admin Logins

WordPress Admins Beware! Fake Cache Plugin that Steals Admin Logins A sophisticated malware campaign targeting WordPress administrators has been discovered, ...

Over 100,000 WordPress Sites at Risk from Critical CVSS 10.0 Vulnerability in Wishlist Plugin

Cybersecurity researchers have disclosed a critical unpatched security flaw impacting TI ...