Loading...
Loading...
WordPress powers over 40% of the web — and is the most targeted CMS by attackers. Our passive WordPress Security Check identifies publicly visible risks without logging into your site, installing plugins, or performing any intrusive testing.
Every Website Trust & Security Snapshot covers these areas. All checks are passive and use only publicly available information.
Identify the WordPress version from public indicators. Outdated versions are the #1 attack vector for WordPress sites.
Detect publicly visible plugins from readme files, generator tags, and page source. Old or abandoned plugins introduce vulnerabilities.
Check if wp-admin, wp-login, and XML-RPC are publicly accessible. These are common brute force and attack targets.
Verify security-related configuration from public headers and responses. Detect common misconfigurations that leak information.
Check for exposed wp-config backups, .git directories, backup archives, and debug.log files that could reveal credentials or structure.
Practical WordPress hardening advice based on what we find. Focused on the highest-impact changes that protect your site.
The Website Trust & Security Snapshot is available as part of our Starter (299€) and Standard (499€) packages. The Standard package includes deeper analysis, risk prioritization, and email support.
Every report includes findings explained in terms of customer trust, fraud risk, and practical next steps.