Call us:    +44 (0) 207 0439 349        Company      Contact us

WPScan Online, Free WordPress Security Scanner

WPScan is a black box WordPress Security Scanner written in Ruby, which attempts to find known security weaknesses within WordPress installations. It’s intended to be for security professionals or WordPress administrators to assess the security posture of their WordPress installations.


  • Username enumeration (from author querystring and location header)
  • Weak password cracking (multithreaded)
  • Version enumeration (from generator meta tag)
  • Vulnerability enumeration (based on version)
  • Plugin enumeration (2220 most popular by default)
  • Plugin vulnerability enumeration (based on version)
  • Plugin enumeration list generation
  • Other misc WordPress checks (theme name, dir listing etc.)

wpscan online


WPScan Online can be used online via our penetration testing tools suite, click here to sign up.


You may also be interested in our professional penetration testing services.

Registered Memberships and Partners:

OWASP - Open Web Applications Security Project
ISSA UK - Information Systems Security Association UK
NIST - Computer Security Division of NIST
UKITA - UK Information Technology Association
ISF - Information Security Forum
ISACA - Information Security Audit & Control Association

  • Latest Tweets

    • Britain's security has been threatened by 188 high-level cyber attacks in the last three months, according to a government security chief.

    • Libraries across the city of St Louis are gradually regaining control of their computer systems, following a malware attack on 17 Libraries.

This website uses cookies to improve user experience. By using our website you consent to all cookies issued by this website.
I agree Disagree