acstore.fi

Scanned Apr 19, 2026, 07:30 AM

Run a fresh audit — Upgrade

A · Safe

Plugins Detected

Active Vulnerabilities

Outdated Plugins

Abandoned

Security Assessment

Key findings for acstore.fi

10 active vulnerabilities detected across 50 plugins.
4 plugins are outdated and should be updated.
36 plugins have been abandoned by the developer.
Security headers grade F — 4 important headers are missing.
5 sensitive paths exposed to the public.

WordPress

Version 6.8.5

Core installation

Active Theme

salient-old v4.7.1

Up to date

Hosting Provider

Cloudflare

Infrastructure

Detected Plugins

50 total

Plugin	Version	Status	Vulnerabilities	Score
Contact Form 7 high confidence	6.1.3→6.1.5	Outdated	None found	92
revslider medium confidence	6.7.12	Outdated	mediumCVE-2025-10249 mediumCVE-2025-9217 +2 more	90
salient-core medium confidence	1.0	Outdated	mediumCVE-2025-59001 highCVE-2024-3812 +2 more	95
WooCommerce medium confidence	9.9.4→10.7.0	Outdated	mediumCVE-2026-3589 mediumCVE-2025-49042	87
LiteSpeed Cache medium confidence	7.8.1	Up to date	None found	82

10 total vulnerabilities detected across 50 plugins

Your full security report is ready

We found 50 plugins on this site. Unlock the complete analysis:

All 50 detected plugins

CVE details & patch status

Security header analysis

Exposed paths & TLS audit

DNS & email security

CT log subdomain discovery

Security Report

one-time

$49USD

Full report for this site
Every detected plugin & CVE
Remediation guidance
No re-audit after fixes

Get Report — $49

Recommended

Report + Re-audit

best value

$99USD

Everything in Security Report
One complimentary re-audit within 90 days
Verify your fixes actually closed the findings
Clean-record badge for your site

Get Report + Re-audit — $99

Guided Remediation

small business

$299USD

Everything in Report + Re-audit
15–30 min expert consult to triage findings
Prioritized action plan for your site
Optional partner handoff for fixes

Get Guided Remediation — $299

One-time payment · Instant access · No subscription required

Not ready to buy? We'll send you a one-time free alert

if we detect a new vulnerability affecting your plugins.

One free alert · Continuous monitoring available with a paid plan

Security Posture

Security Headers

TLS/SSL

Exposed Paths

Email Security

Security Headers

17/100

Content-Security-Policy

No Content-Security-Policy header. Your site is more vulnerable to XSS attacks.

Strict-Transport-Security

No HSTS header. Browsers can be tricked into using insecure HTTP connections.

X-Frame-Options

No clickjacking protection. Your site can be embedded in malicious iframes.

3 more checks — unlock full report to see all

TLS/SSL Certificate

Issuer

WE1

Expires

79 days

Protocol

TLSv1.3

Wildcard

Yes

Exposed Paths & Login Security

5 exposed

5 security issues found — unlock to see which paths are exposed.

DNS & Email Security

SPF

SPF record with soft fail (~all) — good email authentication.

DMARC

No DMARC record found.

DKIM

No DKIM record found for common selectors. Email authenticity cannot be verified (or uses a non-standard selector).

Infrastructure

Server Software

Server: cloudflare

X-Powered-By

Technology stack exposed: PHP/8.3.30, PleskLin. This header should be removed.

PHP Version

PHP 8.3.30 is supported.

Web Application Firewall

Cloudflare WAF detected — provides additional protection against attacks.

WP Version Exposed

WordPress version 6.8.5 is exposed in the generator meta tag. Consider removing it.

Scan another site