
Terms of Service

Last updated: May 11, 2026  ·  Effective date: May 1, 2025

1. Acceptance of Terms

By accessing or using wp-scan.org (the "Service"), you agree to be bound by these Terms of Service ("Terms") and our Privacy Policy. If you do not agree to these Terms, please do not use the Service.

We reserve the right to update these Terms at any time. Your continued use of the Service after any changes take effect constitutes your acceptance of the revised Terms.

2. About the Service & Operator

wp-scan.org is a WordPress security scanning tool operated by Rajan Gupta, an individual developer based in India ("we", "us", "our").

This is an independently operated software service — it is not a registered company or legal entity at this time. References to "wp-scan.org" throughout these Terms refer to Rajan Gupta personally as the operator of this Service and the domain wp-scan.org.

Note on branding: "wp-scan.org" and "wp-scan.org" are the trading name and domain of this Service. This product is independent and unaffiliated with any other product or service of a similar name.

3. Description of Service

wp-scan.org is a static code-analysis tool that scans WordPress themes, plugins, and core files for known vulnerability patterns, including SQL injection, XSS, remote code execution, backdoors, and other common security issues.

The Service is provided for informational and defensive security purposes only. It does not:
  • Guarantee that scanned code is free of all security vulnerabilities
  • Guarantee protection against any specific attack or threat
  • Replace professional security auditing or penetration testing
  • Actively monitor or protect your live website in real-time

4. Eligibility

You must be at least 18 years of age to register for a paid plan or use the Service commercially. By using the Service, you confirm that you meet this requirement. The Service is intended for developers, agencies, and website owners — it is not directed at consumers or general public users without technical context.

5. Acceptable Use

You agree to use the Service only for lawful purposes. You must only scan WordPress code that you have written, own, or have explicit written permission from the owner to analyse for security purposes.

You must not:
  • Scan code you do not own or are not authorised to analyse
  • Upload files containing personally identifiable information of third parties
  • Attempt to reverse-engineer, decompile, or reproduce the scanning engine or detection patterns
  • Circumvent or abuse rate limits, access controls, or license key restrictions
  • Use scan output to develop, train, or improve offensive security tools intended for unauthorised access
  • Resell, sublicense, or redistribute the Service or its output without prior written consent
  • Deliberately overload, attack, or disrupt the Service infrastructure (including DDoS, scraping, or credential stuffing)
  • Create multiple free accounts to circumvent usage limits

Violation of this section may result in immediate account suspension without refund and, where applicable, legal action.

6. License Keys

Upon successful payment, we issue a personal, non-transferable license key to your registered email address.

  • The key may be used on projects you own or professionally manage
  • Sharing, reselling, posting publicly, or transferring your key to a third party is strictly prohibited
  • Violations will result in immediate key revocation without refund
  • We reserve the right to revoke keys used in violation of these Terms

7. Free Tier

The free tier provides limited access to the Service at no charge, subject to the following restrictions:
  • Maximum 2 scans per calendar month
  • ZIP file uploads up to 20 MB
  • Basic scan output (no exact line numbers, full fix guides, or code examples)

We reserve the right to adjust free-tier limits at any time to protect availability and performance of the Service for all users. We will endeavour to provide reasonable notice of significant changes.

8. Payment & Billing

Pricing: paid plans are priced in USD for international users and INR for users in India. Current prices are displayed on our Pricing page.

Payment processors:
  • PayPal (international): payments received into a PayPal account operated by Rajan Gupta. PayPal's standard Buyer Protection applies to your transaction.
  • Razorpay (India): for Indian users, payments may be processed via Razorpay, a Reserve Bank of India regulated payment aggregator. Razorpay's terms and policies govern the payment transaction.

Subscriptions (Monthly plan): billed automatically each month via the respective payment processor. You may cancel at any time through your PayPal or Razorpay account; access continues until the end of your current paid period.

Yearly plan: a single annual charge. Renews automatically unless cancelled before the renewal date.

Lifetime plan: a one-time payment granting permanent access for as long as the Service is operated.

9. Refund Policy

14-day satisfaction guarantee: if the Service fails to function as described on a standard PHP hosting environment due to a defect on our side, you may request a full refund within 14 days of purchase by emailing support@wp-scan.org with your order details.

Refunds are not issued for:
  • Change of mind after purchase
  • Incompatibility caused by your non-standard server configuration
  • Failure to read the product description before purchasing
  • Cases where the scan has correctly identified security issues in your code
  • Requests made after the 14-day window

Approved refunds are processed within 5–10 business days via the original payment method.

10. Intellectual Property

All code, design, detection pattern databases, documentation, and content that form the Service are the exclusive intellectual property of Rajan Gupta and are protected under applicable Indian and international copyright law.

You may not copy, reproduce, distribute, reverse-engineer, or create derivative works from any part of the Service without prior written permission. Scan reports generated by the Service may be used freely for your own internal security purposes.

11. Disclaimer of Warranties

THE SERVICE IS PROVIDED "AS IS" AND "AS AVAILABLE", WITHOUT WARRANTY OF ANY KIND — EXPRESS, IMPLIED, OR STATUTORY — INCLUDING BUT NOT LIMITED TO WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, ACCURACY, OR NON-INFRINGEMENT.

WE DO NOT WARRANT THAT:
  • The Service will detect all security vulnerabilities present in your code
  • The Service will be error-free, uninterrupted, or available at all times
  • Scan results will be accurate, complete, or suitable for any particular purpose
  • The Service is a substitute for a professional security audit

12. Limitation of Liability

TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, RAJAN GUPTA (OPERATOR OF WP SCAN) SHALL NOT BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, OR PUNITIVE DAMAGES — INCLUDING LOSS OF PROFITS, DATA, BUSINESS, OR GOODWILL — ARISING FROM YOUR USE OF OR INABILITY TO USE THE SERVICE.

IN NO EVENT SHALL OUR TOTAL CUMULATIVE LIABILITY TO YOU EXCEED THE GREATER OF: (A) THE TOTAL AMOUNT YOU PAID FOR THE SERVICE IN THE 12 MONTHS PRECEDING THE CLAIM, OR (B) USD $50.

13. Service Modifications & Discontinuation

We reserve the right to modify, update, or discontinue any part of the Service at any time. We will endeavour to:
  • Give at least 30 days' notice before discontinuing the Service entirely
  • Offer a pro-rata refund to active paid subscribers for any unused paid period in the event of Service discontinuation
  • Notify registered users of material changes to the Service via email

14. Account Termination

We may suspend or terminate your account and revoke your license key without notice if you:
  • Violate any provision of these Terms
  • Engage in fraudulent, abusive, or illegal activity via the Service
  • Initiate a chargeback or payment dispute without first contacting us

You may delete your account at any time by emailing support@wp-scan.org. Account deletion removes your personal data subject to legal retention requirements outlined in our Privacy Policy.

15. Governing Law & Dispute Resolution

These Terms are governed by and construed in accordance with the laws of India, including the Information Technology Act, 2000 and its amendments.

In the event of a dispute, we both agree to first attempt resolution through good-faith negotiation via email within 30 days. If unresolved, disputes shall be subject to the exclusive jurisdiction of the courts located in India.

16. Severability

If any provision of these Terms is found to be unenforceable or invalid under applicable law, that provision shall be modified to the minimum extent necessary to make it enforceable, or severed, without affecting the enforceability of the remaining provisions.

17. Contact

For any questions regarding these Terms of Service:

Email: support@wp-scan.org
Operator: Rajan Gupta, India
Website: wp-scan.org