WPScan – WordPress Security Scanner for WordPress Plugin Directory
WPScan – WordPress Security Scanner is a WordPress app, with a 3.8 average rating from 28 reviews, as of July 9, 2026.
WPScan – WordPress Security Scanner is a WordPress Plugin Directory app by ethicalhack3r. With a rating of 3.8★ from 28 reviews.
AppRanks verdict
Generated from live marketplace data — refreshed daily
WPScan – WordPress Security Scanner is a mixed-rating WordPress app with a limited review volume. It is listed in the Vulnerability category on WordPress Plugin Directory, which AppRanks treats as the canonical taxonomy node for ranking and competitor comparison. 28 reviews put it in the early-traction tier — useful for early-stage stores willing to be on the leading edge. Early-traction review counts are sensitive to single launch periods or feature events, so a 30-day re-check before bigger commitments often resolves whether the trend is sustained. Paid-only pricing means evaluating fit on the marketplace listing or via the developer's documentation before installing. AppRanks tracks rating, review count, pricing tier, and category position daily — the figures on this page reflect the most recent scrape from the canonical WordPress Plugin Directory listing.
Pros
- +Published by ethicalhack3r — established developer track record
Cons
- −Average rating below 4.0 (3.8★) — read recent low-star reviews before committing
- −Limited review base (28) — ratings can shift significantly with new feedback
Looking to switch from WPScan – WordPress Security Scanner?
See WPScan – WordPress Security Scanner's alternatives ranked by audit score, rating, and review velocity.
How WPScan – WordPress Security Scanner works
Show full descriptionShow less
Please note: This plugin is no longer actively supported for non-enterprise customers. We recommend using Jetpack Protect – a free security plugin for WordPress that leverages the extensive database of WPScan. Jetpack Protect scans your site and warns you about vulnerabilities, keeping your site one step ahead of security threats and malware.
The WPScan WordPress security plugin is unique in that it uses its own manually curated WPScan WordPress Vulnerability Database. The vulnerability database has been around since 2014 and is updated on a daily basis by dedicated WordPress security specialists and the community at large. The database includes more than 21,000 known security vulnerabilities. The plugin uses this database to scan for WordPress vulnerabilities, plugin vulnerabilities and theme vulnerabilities, and has the options to schedule automated daily scans and to send email notifications.
WPScan has a Free API plan that should be suitable for most WordPress websites, however, also has paid plans for users who may need more API calls. To use the WPScan WordPress Security Plugin you will need to use a free API token by registering here.
The Free plan allows 25 API requests per day. View the different available API plans.
How many API requests do you need?
Our WordPress scanner makes one API request for the WordPress version, one request per installed plugin and one request per installed theme.
On average, a WordPress website has 22 installed plugins.
The Free plan should cover around 50% of all WordPress websites.
Security Checks The WPScan WordPress Security Plugin will also check for other security issues, which do not require an API token, such as:
Check for debug.log files
Check for wp-config.php backup files
Check if XML-RPC is enabled
Check for code repository files
Check if default secret keys are used
Check for exported database files
Weak passwords
HTTPS enabled
What does the plugin do?
Scans for known WordPress vulnerabilities, plugin vulnerabilities and theme vulnerabilities;
Does additional security checks;
Shows an icon on the Admin Toolbar with the total number of security vulnerabilities found;
Notifies you by mail when new security vulnerabilities are found.
Further Reading
WPScan WordPress Vulnerability Database
WPScan WordPress Security Scanner
WPScan Twitter
Category rankings
As of Jul 9, 2026- Hack#0of 8Top 1%
- Vulnerability#0of 12Top 1%
- Wpscan#0of 4Top 1%
- Wpvulndb#0of 1Top 1%
- Security#83of 635Top 14%
See 90-day rank history for each category
Track daily rank changes, category shifts, and position volatility.
Competitors & alternatives
WPScan – WordPress Security Scannerdoesn't have curated competitor matchups yet. Other tracked vulnerability apps on WordPress:
Where WPScan – WordPress Security Scanner stands in the Vulnerability category
WPScan – WordPress Security Scanner ranks #0 of 12 apps in the Vulnerability category, placing it in the top 1% of the listing.
Frequently asked questions
What is WPScan – WordPress Security Scanner?
WPScan – WordPress Security Scanner is an app for WordPress. It currently holds a 3.8-star rating from 28 merchant reviews, and AppRanks has been tracking its public marketplace data on a daily refresh cycle. It is listed under the Vulnerability category on AppRanks, where you can see its current category position, review-velocity trend, and how it compares against the top alternatives in the same space. Developed by ethicalhack3r.
Who uses WPScan – WordPress Security Scanner?
Currently around 8,000 active stores have installed WPScan – WordPress Security Scanner. Its review base is still building, which usually maps to early-stage merchants and stores piloting a new workflow. It is part of the Vulnerability category on WordPress.