WordPress Vulnerability Scanner
Discover known vulnerable plugins in your website
Security Ninja offers free vulnerability detection for your WordPress website. This feature warns you if there is a known problem in a plugin that allows hackers to attack your website.
We scan public repositories for vulnerabilities related to WordPress and compare that list to the plugins installed on your website.
When you install Security Ninja, the list of vulnerabilities is downloaded automatically to your website and then updated regularly.
Free for everyone
This feature is available to free and premium users and alerts you to any plugins you have installed that has a known exploit or vulnerability.
When you install WP Security Ninja, the list of vulnerabilities is downloaded automatically to your website and then updated regularly.
The API will expand in the future to also include warnings for WordPress themes.
Your data is private!
The list is gathered by scanning sources such as the NVD - National Vulnerability Database and then downloaded to your website from our API.
Your installed plugins are then checked against the local list and you will be alerted to any vulnerable plugins on your website.
All checking of vulnerabilities happens directly on your website, no data is sent back to our servers.
Why are people looking for vulnerabilities?
Why are there security flaws in software?
There are many reasons why a flaw can appear in a plugin or a theme. It can be due to simple mistakes, misleading documentation, lack of experience working with WordPress code, or a ton of other reasons. Many plugins also use 3rd party libraries for different tasks, and it could be here that a security flaw exists.
Many times this problem can be alleviated by keeping your plugins up to date. Still, there are also cases where a vulnerability is made public even before the developers have a chance to know about it and create a fix.