WPScan is a black-box WordPress vulnerability scanner written in Ruby. It analyzes WordPress sites to identify outdated core, plugins, themes, exposed APIs, and known vulnerabilities using a large built-in vulnerability database. It is a popular security auditing tool for pentesters and site administrators.
Features
- Detects vulnerable WordPress core, plugin, and theme versions
- Enumerates users, media files, backups, and server info
- Integration with WPScan vulnerability API for detailed results
- Supports brute-force login tests and password enumeration
- CLI and Docker-based usage for flexibility
- Regularly updated vulnerability database
Categories
SecurityFollow WPScan
Other Useful Business Software
Train ML Models With SQL You Already Know
Build and deploy ML models using familiar SQL. Automate data prep with built-in Gemini. Query 1 TB and store 10 GB free monthly.
Rate This Project
Login To Rate This Project
User Reviews
Be the first to post a review of WPScan!