Exploit Scanner WordPress Plugin


Last week I was reading the official WordPress blog and I came across an interesting plugin: WordPress Exploit Scanner. It basically scans your database entries and site files looking for suspicious lines of codes. On top of that it also looks for suspicious plugins, posts, pages, users and WordPress settings.

Here is a screenshot:


It is worth to run this plugin once in a while, and especially if you believe that a malicious user might have compromised your installation recently or in the past.

Browse all articles on the WordPress category

12 Responses to “Exploit Scanner WordPress Plugin”

  • Bridget Wright

    While doing some updates and checks on my sites, I discovered that the exploit scanner plugin was actually CAUSING the problem and was advised by my hosting company to remove it. Not certain as to how this could have happened, and the hacking situation apparently penetrated all of my sites (11 total).

  • Kent @ Leawo

    I think the best way to turn away hackers is to forbid user upload besides blog administrator. Carefully check the functions which could be used to run malicious scripts or something that can compromise the blog security.
    To come back to this plugin, it is really a useful gadget to examine exploits fast and conveniently. Worth a try. ^_^

  • Keith Davis

    Looks like a useful plugin… with all this talk of wordpress hackers, I might give it a go.

    Anybody using it out there? Any feedback?

  • Tinh

    I know this but do not know how to fix if errors found as I am newbie and non-tech blogger

  • zeesu

    good plugin.once someone hacked my website.it was lot of headache for me.i needed to restore everything from backup

  • Dana @ Online Knowledge

    Very useful tool for security purpose. I will try it.

  • Ben Lang

    I just wanted to give you a shoutout. You are a remarkable blogger and a role model to me! Thanks so much!
    Ben Lang

  • Gabe | freebloghelp.com

    Never tried it but Exploit Scanner looks like something I could use. Thanks for the heads up!

  • Justin L

    You’ll want to fix the hyperlink on the link to the plugin!

    Take care.

  • Ronald

    You might wish to check the link to the plugin in the WordPress plugin directory, now it says:

    WordPress Exploit Scanner

  • Tim Trice

    I actually had a hacker, xurguxx or something like that, get into two of my sites along with many others are on my server a couple of weeks ago. Running this plugin revealed he had installed many php scripts in my uploads directory. Obviously, they’ve since been deleted.

    In addition, he managed to delete all of my users so that I could not log in – had to log in from Cpanel. I have no idea how but it is what it is.

    I read the same post you read about this plugin and I fully recommend it. If you have a lot of plugins, though, be aware. It can take a while and not everything it returns is malicious. Use Google to assure before altering code.

  • Stephanie

    That’s a great plugin. I’ve been hit by an exploit, and while I was able to find out how to clean it up fairly easily, it’s not fun to waste time on.

Comments are closed.