www.moycor.com
Scanned Jun 7, 2026, 12:16 AM
Run a fresh audit — UpgradeSecurity Assessment
Key findings for www.moycor.com
- 1 critical vulnerability requiring immediate attention.
- 39 active vulnerabilities detected across 50 plugins.
- 5 plugins are outdated and should be updated.
- 40 plugins have been abandoned by the developer.
- Security headers grade F — 4 important headers are missing.
- 4 sensitive paths exposed to the public.
WordPress
Active Theme
Hosting Provider
Detected Plugins
50 total| Plugin | Vulnerabilities |
|---|---|
Contact Form 7 high confidence | |
Mega Addons For WPBakery Page Builder high confidence | None found |
WooCommerce medium confidence | |
WPML Multilingual & Multicurrency for WooCommerce medium confidence | |
eu-cookie-law medium confidence | mediumCVE-2022-3811 mediumCVE-2019-16522 |
Your full security report is ready
We found 50 plugins on this site. Unlock the complete analysis:
Security Report
- Full report for this site
- Every detected plugin & CVE
- Remediation guidance
- No re-audit after fixes
Report + Re-audit
- Everything in Security Report
- One complimentary re-audit within 90 days
- Verify your fixes actually closed the findings
- Clean-record badge for your site
Guided Remediation
- Everything in Report + Re-audit
- 15–30 min expert consult to triage findings
- Prioritized action plan for your site
- Optional partner handoff for fixes
One-time payment · Instant access · No subscription required
Not ready to buy? We'll send you a one-time free alert
if we detect a new vulnerability affecting your plugins.
One free alert · Continuous monitoring available with a paid plan
Security Posture
Security Headers
17/100No Content-Security-Policy header. Your site is more vulnerable to XSS attacks.
No HSTS header. Browsers can be tricked into using insecure HTTP connections.
No clickjacking protection. Your site can be embedded in malicious iframes.
TLS/SSL Certificate
Exposed Paths & Login Security
4 exposed4 security issues found — unlock to see which paths are exposed.
DNS & Email Security
No SPF record. Your domain can be easily spoofed in phishing emails.
No DMARC record found.
DKIM record found for selector "default". Email signatures can be verified.
Infrastructure
Server version exposed (Apache/2.4.29 (Ubuntu)). Consider hiding version numbers.
X-Powered-By header is not exposed.
No WAF detected. Consider adding one for additional protection.
WordPress version 4.9.26 is exposed in the generator meta tag. Consider removing it.