WordPress Security Scanner (WPScan)

Discover Security Vulnerabilities in WordPress Core Files, Plugins and Themes 

Contents of the Report

Here is what you can expect in Scantrics’ WordPress Security Scanner report:

Use Cases for WordPress Security Scanner (WPScan)

Verify that the files in your WordPress theme do not contain hidden malware or malicious code. Use the WordPress Security Scanner to check whether a theme is poorly coded in a way that could give an attacker unauthorized access to your website.
Millions of WordPress websites are probed and attacked through bugs in their plugins. Use the WordPress Security Scanner to check that your installed plugins are safe and updated to the latest version, so that a known bug cannot be exploited with little effort.
Use the WordPress Security Scanner to review your WordPress installation for common security-related misconfigurations. The scanner is backed by a vulnerability database, so checks run quickly and the specific WordPress vulnerabilities affecting your site are identified by name.

Technical Details

Today, WordPress is the web application behind more than 30% of all websites. Its ease of use and open-source base are what make it such a popular choice for many kinds of sites, including ecommerce, blogging and news.

There are now an estimated 75 million WordPress sites up and running, and the number of installations continues to grow exponentially. This surge in adoption makes WordPress an attractive target for attackers who want a compromised web server for malicious purposes.

A WordPress-based website usually consists of themes and plugins: themes are the templates that control how the site looks, while plugins add functionality for specific tasks, such as a form plugin. Both themes and plugins have their own version numbers, and a given version may contain a specific vulnerability that an attacker can exploit once it becomes known.

Because of functional or compatibility concerns, the web administrator may leave plugins or themes at an outdated version. In most cases, an attacker fingerprints the plugin and its version before launching an attack, which is why knowing your own versions first matters.

Any outdated WordPress plugins and themes give attackers a greater chance of breaking into a website, and can even lead to a full site takeover simply by reading a configuration file that should never be publicly accessible.

Keep in mind that if you are using a managed WordPress hosting service, some of these attacks (and mitigations) will be the responsibility of the hosting provider. If you are self-hosting instead, then security and maintenance are your responsibility.

Here are the tests performed by the WordPress security scan:

  • Fingerprint the installed WordPress version. 
  • Itemize the installed themes and their versions.
  • Itemize the installed plugins and their versions.
  • List the vulnerabilities for the current WordPress version.
  • List the vulnerabilities for the identified plugins.
  • List the vulnerabilities for the identified themes.

How it works

The WordPress Security Scanner that Scantrics uses is based on WPScan. WPScan is a free, non-commercial tool for checking a WordPress-based website for known vulnerabilities.

The scanner takes a single parameter: the URL of the target WordPress website. The URL must start with http:// or https:// as the protocol, and it must point at the base directory of the WordPress installation (the full path if WordPress is not installed at the web root).

The WordPress Security Scanner conducts a black-box scan that mimics a real attacker, meaning it needs no access to the WordPress dashboard while performing the test. To make that possible, the scanner is backed by a WordPress vulnerability database that holds the known vulnerabilities of WordPress core, plugins and themes. This database is maintained and updated periodically by our team.

Once the scanner receives the target details, it first analyzes the HTML source code and the HTTP response headers to identify the WordPress version and the versions of the plugins and themes present on the target website. These two sources alone are enough to extract the information the assessment needs.

It then matches the identified versions against the database to find vulnerabilities affecting the target. The vulnerabilities reported are determined by the specific versions of WordPress core, plugins and themes that were identified, so a version the scanner cannot detect will not produce findings.
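The list of tests above and the two fingerprint-then-match paragraphs describe one pipeline: pull version signals out of a single page response, then compare each version against a database of known-vulnerable ranges. The following Python script is an added example, not code from Scantrics or WPScan, that implements that pipeline offline. The sample HTML, the response headers, the component slugs (example-forms, example-slider, example-theme) and every entry in VULN_DB are constructed for the example and are not real advisories; the regular expressions are simplified heuristics for the three signals a WordPress page commonly leaks (the generator meta tag, core asset ?ver= strings, and plugin/theme asset ?ver= strings).

```python
import re

# Constructed sample of a WordPress front page (not a real site); it carries the three version
# signals the scanner looks for: the generator meta tag, core asset ?ver= strings, and
# plugin/theme asset ?ver= strings. All slugs are fictional.
SAMPLE_HTML = """<!DOCTYPE html>
<html><head>
<meta name="generator" content="WordPress 5.8.1" />
<script src="https://example.invalid/wp-includes/js/wp-embed.min.js?ver=5.8.1"></script>
<link rel="stylesheet" href="https://example.invalid/wp-content/themes/example-theme/style.css?ver=1.8" />
<script src="https://example.invalid/wp-content/plugins/example-forms/js/index.js?ver=5.4.2"></script>
<script src="https://example.invalid/wp-content/plugins/example-slider/js/slider.js?ver=3.0.0"></script>
<link rel="stylesheet" href="https://example.invalid/wp-content/plugins/example-slider/css/slider.css?ver=3.0.0" />
</head><body></body></html>"""

# Constructed response headers; the REST API discovery Link header is a WordPress marker.
SAMPLE_HEADERS = {
    "Server": "nginx",
    "Link": '<https://example.invalid/wp-json/>; rel="https://api.w.org/"',
}

# Constructed vulnerability database in the shape the text describes (component kind, slug,
# first fixed version, title). Every entry is illustrative, not a real advisory.
VULN_DB = [
    {"kind": "core", "slug": "wordpress", "fixed_in": "5.8.3", "title": "constructed core issue"},
    {"kind": "plugins", "slug": "example-forms", "fixed_in": "5.3.2", "title": "constructed, already fixed"},
    {"kind": "plugins", "slug": "example-slider", "fixed_in": "3.1.0", "title": "constructed slider issue"},
    {"kind": "themes", "slug": "example-theme", "fixed_in": "1.9", "title": "constructed theme issue"},
]

GENERATOR_RE = re.compile(r'<meta\s+name="generator"\s+content="WordPress\s+([\d.]+)"', re.I)
CORE_ASSET_RE = re.compile(r'/wp-includes/[^"\'\s]*?\?ver=([\d.]+)', re.I)
COMPONENT_RE = re.compile(r'/wp-content/(plugins|themes)/([A-Za-z0-9_-]+)/[^"\'\s]*?\?ver=([\d.]+)', re.I)


def parse_version(text):
    """Turn '5.8.1' into (5, 8, 1) so versions compare numerically, not lexically."""
    return tuple(int(part) for part in text.split(".") if part.isdigit())


def fingerprint(html, headers):
    """Passive fingerprint: derive WordPress presence and component versions from one page."""
    result = {"is_wordpress": False, "core": None, "plugins": {}, "themes": {}}
    if "api.w.org" in headers.get("Link", ""):
        result["is_wordpress"] = True
    m = GENERATOR_RE.search(html)
    if m:
        result["core"] = m.group(1)
    else:
        # Hardening plugins often strip the generator tag; fall back to core asset ?ver= strings.
        m = CORE_ASSET_RE.search(html)
        if m:
            result["core"] = m.group(1)
    if result["core"]:
        result["is_wordpress"] = True
    for kind, slug, ver in COMPONENT_RE.findall(html):
        # Keep the first version seen per slug; a fuller scanner would cross-check readme.txt too.
        result[kind.lower()].setdefault(slug, ver)
    return result


def match_vulnerabilities(fp, db):
    """Match fingerprinted versions against the database; vulnerable when installed < fixed_in."""
    installed = {
        "core": {"wordpress": fp["core"]} if fp["core"] else {},
        "plugins": fp["plugins"],
        "themes": fp["themes"],
    }
    findings = []
    for entry in db:
        ver = installed[entry["kind"]].get(entry["slug"])
        if ver is not None and parse_version(ver) < parse_version(entry["fixed_in"]):
            findings.append({**entry, "installed": ver})
    return findings


def scan_report(html, headers, db):
    """Full pass: fingerprint, then match; returns the structure a report would be built from."""
    fp = fingerprint(html, headers)
    return {"fingerprint": fp, "findings": match_vulnerabilities(fp, db)}


if __name__ == "__main__":
    report = scan_report(SAMPLE_HTML, SAMPLE_HEADERS, VULN_DB)
    print("WordPress core:", report["fingerprint"]["core"])
    for f in report["findings"]:
        print(f"[{f['kind']}] {f['slug']} {f['installed']} is below fixed version {f['fixed_in']}: {f['title']}")
```

Two design points carry over to real scanners. Versions are compared as integer tuples, because a string comparison would rank "1.9" above "1.10" and silently miss findings. And the core version has a fallback source: the generator tag is the first thing hardening guides remove, yet the ?ver= query strings on wp-includes assets still reveal it, which is exactly why removing the tag is not a mitigation and patching is.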

In addition, the scanner checks for publicly accessible wp-config.php backups and other database exports, and enumerates valid usernames that can log into the WordPress dashboard.

Users who run the WordPress Security Scanner on our website can choose between two scanning modes, Passive and Aggressive.

  • Passive scan is a non-intrusive scan that sends only a few probe requests to the web server.
  • Aggressive scan is a more intrusive scan that sends many probe requests, giving more accurate findings on plugin and theme versions and on the vulnerabilities present.
