43% of all websites run WordPress — making it the #1 attack surface worldwide
1 in 25 WordPress sites is actively infected with malware right now
97% of CMS-based attacks specifically target WordPress plugins & themes
50,000+ vulnerabilities indexed · WPScan threat database
71% of hacked WordPress sites had a backdoor silently installed
4,000+ plugins carry known, unpatched security vulnerabilities
Average breach goes undetected for 197 days — is your site clean?
Outdated plugins are responsible for 52% of all WordPress infections
SQL injection & XSS remain the top two WordPress attack vectors
60% of infections exploit a vulnerability that already had a patch available
43% of all websites run WordPress — making it the #1 attack surface worldwide
1 in 25 WordPress sites is actively infected with malware right now
97% of CMS-based attacks specifically target WordPress plugins & themes
50,000+ vulnerabilities indexed · WPScan threat database
71% of hacked WordPress sites had a backdoor silently installed
4,000+ plugins carry known, unpatched security vulnerabilities
Average breach goes undetected for 197 days — is your site clean?
Outdated plugins are responsible for 52% of all WordPress infections
SQL injection & XSS remain the top two WordPress attack vectors
60% of infections exploit a vulnerability that already had a patch available
Everything you need to know to get started and get the most out of your scans.
📦
ZIP Upload
Download your theme or plugin as a ZIP from your server via FTP or cPanel, then upload here. The file is extracted to a secure temp directory, scanned, then immediately deleted after the scan completes.
📁
Path Scan
Enter the full server path to your WordPress theme or plugin directory, e.g. /var/www/html/wp-content/themes/mytheme. Files are scanned recursively up to 15 levels deep.
💾
Scan Report Cache
Your last scan result is cached in your browser's localStorage for 2 hours. If you accidentally close the tab, a banner at the top lets you restore it.
🔑
Premium License
After purchase, your license key is emailed instantly. Log in, visit Dashboard, copy your key, paste it into the License Key field on the scanner page to unlock all features.