WPScan is a black-box WordPress vulnerability scanner written in Ruby. It analyzes WordPress sites to identify outdated core, plugins, themes, exposed APIs, and known vulnerabilities using a large built-in vulnerability database. It is a popular security auditing tool for pentesters and site administrators.

Features

  • Detects vulnerable WordPress core, plugin, and theme versions
  • Enumerates users, media files, backups, and server info
  • Integration with WPScan vulnerability API for detailed results
  • Supports brute-force login tests and password enumeration
  • CLI and Docker-based usage for flexibility
  • Regularly updated vulnerability database

Project Samples

Project Activity

See All Activity >

Categories

Security

Follow WPScan

WPScan Web Site

Other Useful Business Software
Train ML Models With SQL You Already Know Icon
Train ML Models With SQL You Already Know

BigQuery automates data prep, analysis, and predictions with built-in AI assistance.

Build and deploy ML models using familiar SQL. Automate data prep with built-in Gemini. Query 1 TB and store 10 GB free monthly.
Try Free
Rate This Project
Login To Rate This Project

User Reviews

Be the first to post a review of WPScan!

Additional Project Details

Operating Systems

Linux, Mac, Windows

Programming Language

Ruby

Related Categories

Ruby Security Software

Registered

2025-07-31