Are you a security-conscious WordPress user? WPScan is an open source WordPress security scanner. You can use it to scan your WordPress website for known vulnerabilities within the WordPress core, as well as popular WordPress plugins and themes. Learn more about WPScan and how you can use this tool to improve your security in WordPress in an informative Security Boulevard article:
Since it is a WordPress black box scanner, it mimics a real attacker. This means it does not rely on any sort of access to your WordPress dashboard or source code to conduct the tests. In other words, if WPScan can find a vulnerability in your WordPress website, so can an attacker.
WPScan uses the vulnerability database calledwpvulndb.comto check the target for known vulnerabilities. The team which develops WPScan maintains this database. It has an ever-growing list of WordPress core, plugins and themes vulnerabilities.
The link for this article located at Security Boulevard is no longer available.