CMS Security

WordPress Security Assessment

Powered by WordPress Vulnerability Scanner

Detect vulnerabilities in WordPress core, plugins, and themes. Enumerate users, check for known CVEs, and identify security misconfigurations.

Try a Free Scan See All Features

What You Get

WordPress Vulnerability Scanner is fully integrated into Metric Tower's scanning engine. Launch it alongside 74 other modules, or run it on its own.

  • Plugin vulnerability detection
  • Theme security checks
  • User enumeration
  • WordPress version detection
  • CVE database lookups

Part of a 75-Module Platform

Metric Tower runs 75+ scanner modules through a six-phase pipeline. WordPress Vulnerability Scanner runs as one module in this pipeline. Its results feed into downstream scanners automatically.

75+

Scanner Modules

6

Scan Phases

5

Export Formats

9

Ticketing Integrations

How It Works

Metric Tower runs WordPress Vulnerability Scanner as one of 75+ integrated modules.

1

Add Your Target

Enter a domain, IP address, or URL. MetricTower validates the target and sets up the scan workspace.

2

Select Modules & Launch

Choose WordPress Vulnerability Scanner along with any combination of other modules. The pipeline handles dependencies and execution order.

3

Review Findings

View real-time results as the scan progresses. Triage findings, export reports in 5 formats, and route alerts to your team.

Compliance Alignment

Helps meet ISO 27001 A.12.6.1 and SOC 2 CC7.1.

Metric Tower is a security scanning tool -- it helps you meet compliance requirements but does not provide compliance certifications.

View all compliance mappings

56+

Scanner Modules

6

Scan Phases

Real-Time

Results via WebSocket

SARIF

Export + 4 More Formats

Start Scanning with WordPress Vulnerability Scanner

Free tier available -- no credit card required.

Start Free View Pricing