Scan your WordPress site for security vulnerabilities in seconds. 12 comprehensive checks performed from the outside — no login required.
Free tool. No login required. 12 security checks performed.
Scanning...
Running 12 security checks...
This scanner is designed specifically for WordPress sites. Try one of our other free tools instead.
Yes, completely free. No registration, no email, no limits. Simply enter your WordPress site URL and get instant results with 12 security checks.
We run 12 security checks including debug mode exposure, XML-RPC status, user enumeration, directory listing, login page exposure, HTTPS redirect, WordPress version exposure, installation file access, readme file exposure, WP-Cron access, RSD link exposure, and REST API access.
No. All checks are read-only from the outside. We never log in, modify files, or make any changes to your site. The scanner only examines publicly accessible information.
Each failed check includes a specific recommendation on how to fix it. You can fix the issues manually or install a security plugin like GuardPress Pro that automates the fixes for you.
You start at 100 points. Critical issues deduct 20 points, High issues deduct 12, Medium deducts 7, Low deducts 3, and Info deducts 1. Grades are assigned as: A (90-100), B (75-89), C (60-74), D (40-59), F (0-39).