New audit

eyefourty.com

Scanned Jun 10, 2026, 02:21 PM

Run a fresh audit — Upgrade
96
A · Safe
3
Plugins Detected
0
Active Vulnerabilities
0
Outdated Plugins
0
Abandoned

Security Assessment

Key findings for eyefourty.com

  • No known vulnerabilities detected in installed plugins.
  • Security headers grade F — 4 important headers are missing.
  • 4 sensitive paths exposed to the public.

WordPress

Version 7.0
Core installation

Active Theme

Twenty Twenty-Five
Up to date

Hosting Provider

Unknown
Infrastructure

Detected Plugins

3 total
PluginVulnerabilities
None found
None found
None found

Unlock the full security analysis

Get the full breakdown of your site's security posture:

All 3 detected plugins
CVE details & patch status
Security header analysis
Exposed paths & TLS audit
DNS & email security
CT log subdomain discovery

Security Report

one-time
$49USD
  • Full report for this site
  • Every detected plugin & CVE
  • Remediation guidance
  • No re-audit after fixes
Get Report — $49
Recommended

Report + Re-audit

best value
$99USD
  • Everything in Security Report
  • One complimentary re-audit within 90 days
  • Verify your fixes actually closed the findings
  • Clean-record badge for your site

Guided Remediation

small business
$299USD
  • Everything in Report + Re-audit
  • 15–30 min expert consult to triage findings
  • Prioritized action plan for your site
  • Optional partner handoff for fixes
Get Guided Remediation — $299

One-time payment · Instant access · No subscription required

Not ready to buy? We'll send you a one-time free alert

if we detect a new vulnerability affecting your plugins.

One free alert · Continuous monitoring available with a paid plan

Security Posture

F
Security Headers
B
TLS/SSL
F
Exposed Paths
C
Email Security

Security Headers

17/100
Content-Security-Policy

No Content-Security-Policy header. Your site is more vulnerable to XSS attacks.

Strict-Transport-Security

No HSTS header. Browsers can be tricked into using insecure HTTP connections.

X-Frame-Options

No clickjacking protection. Your site can be embedded in malicious iframes.

3 more checks — unlock full report to see all

TLS/SSL Certificate

Issuer
Sectigo Public Server Authentication CA DV R36
Expires
44 days
Protocol
TLSv1.3
Wildcard
No

Exposed Paths & Login Security

4 exposed

4 security issues found — unlock to see which paths are exposed.

DNS & Email Security

SPF

No SPF record. Your domain can be easily spoofed in phishing emails.

DMARC

DMARC policy is set to none — monitoring only, not enforcing.

DKIM

No DKIM record found for common selectors. Email authenticity cannot be verified (or uses a non-standard selector).

Infrastructure

Server Software

Server version exposed (Apache/2.4.67 (Unix)). Consider hiding version numbers.

X-Powered-By

Technology stack exposed: PHP/8.4.21. This header should be removed.

PHP Version

PHP 8.4.21 is supported.

Web Application Firewall

No WAF detected. Consider adding one for additional protection.

WP Version Exposed

WordPress version 7.0 is exposed in the generator meta tag. Consider removing it.