IP Location.net Tools site
wpscan

WP Scanner

Use WP Scanner for a quick, focused task.

Wordpress is one of the most popular "open-source" blog platform used today. With popularity, there are security risks associated with using it as scammers are targetting vulnerable Wordpress sites to sabotage systems to their advantage. Use our WP Security Scanner to diagnose your Wordpress instance.

WP Scanner

Enter a public WordPress site URL to review visible WordPress signals, exposed endpoints, themes, plugins, users, and security headers.

Run a bounded public WordPress exposure scan without brute force or exploitation.

Recommended Next Checks

Continue the same task with related tools. When possible, your current input is carried to the next page.

How to use WP Scanner

Use WP Scanner when you need a fast, browser-friendly way to complete a online task quickly. Enter the required value, review any validation hints, and run the tool to get a clear result that can be copied, downloaded, or used in your next workflow.

This Security Tools utility is designed for repeatable checks and everyday troubleshooting. For best results, use complete and accurate input, review the output carefully, and combine the result with related tools when you need a broader diagnosis.

When this tool is useful

  • Checking a value before publishing, deploying, or sharing it.
  • Saving time on routine security tools tasks.
  • Comparing results with related IPLocation.net tools for a more complete review.
  • Documenting a result for technical support, SEO work, security review, or development notes.

WP Scanner tips

Keep a copy of the original input when comparing results, especially for DNS, web, image, PDF, text, and code tools. If a result depends on live network data, remember that DNS records, HTTP headers, certificates, rankings, and third-party responses can change over time.

The WP Scanner is part of the IPLocation.net security tool collection. It is designed to provide practical results while keeping the workflow simple, readable, and useful for developers, site owners, analysts, and everyday users.

This Laravel WP Scanner replaces the legacy shell-based script with a bounded, non-invasive HTTP check. It reviews public WordPress signals, visible theme and plugin paths, REST API exposure, XML-RPC availability, readme visibility, install-page exposure, and common security headers.

The scan does not brute-force passwords, exploit vulnerabilities, enumerate private data, or submit attack payloads. Use it as a quick hardening review, then follow up with authenticated WordPress security plugins, patch management, backups, and server-side logs.

Suggest an improvement

Tell us if something is confusing, broken, incorrect, or missing. Feedback helps us improve the tools and workflows people use every day.