New audit

amarokspirit.ch

Scanned Jun 16, 2026, 12:58 PM

Run a fresh audit — Upgrade
95
A · Safe
15
Plugins Detected
3
Active Vulnerabilities
1
Outdated Plugins
0
Abandoned

Security Assessment

Key findings for amarokspirit.ch

  • 3 active vulnerabilities detected across 15 plugins.
  • 1 plugin is outdated and should be updated.
  • Security headers grade F — 3 important headers are missing.
  • TLS certificate expires in 19 days.
  • 5 sensitive paths exposed to the public.

WordPress

Version hidden
Core installation

Active Theme

Blocksy v2.1.45
Up to date

Hosting Provider

Cloudflare
Infrastructure

Detected Plugins

15 total
PluginVulnerabilities
None found
+1 more
None found
None found
None found
3 total vulnerabilities detected across 15 plugins

Your full security report is ready

We found 15 plugins on this site. Unlock the complete analysis:

All 15 detected plugins
CVE details & patch status
Security header analysis
Exposed paths & TLS audit
DNS & email security
CT log subdomain discovery

Security Report

one-time
$49USD
  • Full report for this site
  • Every detected plugin & CVE
  • Remediation guidance
  • No re-audit after fixes
Get Report — $49
Recommended

Report + Re-audit

best value
$99USD
  • Everything in Security Report
  • One complimentary re-audit within 90 days
  • Verify your fixes actually closed the findings
  • Clean-record badge for your site

Guided Remediation

small business
$299USD
  • Everything in Report + Re-audit
  • 15–30 min expert consult to triage findings
  • Prioritized action plan for your site
  • Optional partner handoff for fixes
Get Guided Remediation — $299

One-time payment · Instant access · No subscription required

Not ready to buy? We'll send you a one-time free alert

if we detect a new vulnerability affecting your plugins.

One free alert · Continuous monitoring available with a paid plan

Security Posture

F
Security Headers
C
TLS/SSL
F
Exposed Paths
B
Email Security

Security Headers

33/100
Content-Security-Policy

No Content-Security-Policy header. Your site is more vulnerable to XSS attacks.

Strict-Transport-Security

HSTS is enabled. Consider adding includeSubDomains for better protection.

X-Frame-Options

No clickjacking protection. Your site can be embedded in malicious iframes.

3 more checks — unlock full report to see all

TLS/SSL Certificate

Issuer
R12
Expires
19 days
Protocol
TLSv1.3
Wildcard
No

Exposed Paths & Login Security

5 exposed

5 security issues found — unlock to see which paths are exposed.

DNS & Email Security

SPF

SPF record with hard fail (-all) — strong email authentication.

DMARC

DMARC policy is set to reject — strongest protection against email spoofing.

DKIM

No DKIM record found for common selectors. Email authenticity cannot be verified (or uses a non-standard selector).

Certificate Transparency

90 certificates found · 8 subdomains discovered

Infrastructure

Server Software

Server: Apache

X-Powered-By

X-Powered-By header is not exposed.

Web Application Firewall

No WAF detected. Consider adding one for additional protection.