WPScan is a black-box WordPress vulnerability scanner written in Ruby. It analyzes WordPress sites to identify outdated core, plugins, themes, exposed APIs, and known vulnerabilities using a large built-in vulnerability database. It is a popular security auditing tool for pentesters and site administrators.

Features

  • Detects vulnerable WordPress core, plugin, and theme versions
  • Enumerates users, media files, backups, and server info
  • Integration with WPScan vulnerability API for detailed results
  • Supports brute-force login tests and password enumeration
  • CLI and Docker-based usage for flexibility
  • Regularly updated vulnerability database

Project Samples

Project Activity

See All Activity >

Categories

Security

Follow WPScan

WPScan Web Site

Other Useful Business Software
Go From AI Idea to AI App Fast Icon
Go From AI Idea to AI App Fast

One platform to build, fine-tune, and deploy ML models. No MLOps team required.

Access Gemini 3 and 200+ models. Build chatbots, agents, or custom models with built-in monitoring and scaling.
Try Free
Rate This Project
Login To Rate This Project

User Reviews

Be the first to post a review of WPScan!

Additional Project Details

Operating Systems

Linux, Mac, Windows

Programming Language

Ruby

Related Categories

Ruby Security Software

Registered

2025-07-31