nelimarkka-museo.fi

Scanned May 19, 2026, 06:07 AM

Run a fresh audit — Upgrade

A · Safe

Plugins Detected

Active Vulnerabilities

Outdated Plugins

Abandoned

Security Assessment

Key findings for nelimarkka-museo.fi

No known vulnerabilities detected in installed plugins.
2 plugins have been abandoned by the developer.
1 sensitive path exposed to the public.

WordPress

Version 6.9.4

Core installation

Active Theme

nelimarkka-divi-child v4.27.6

Up to date

Hosting Provider

Unknown

Infrastructure

Detected Plugins

5 total

Plugin	Version	Status	Vulnerabilities	Score
Xtoool Redirecter medium confidence	1.0.1	Abandoned	None found	85
Search with Algolia Headless extention medium confidence	0.1.0	Abandoned	None found	85
Yoast SEO – Advanced SEO with real-time guidance and built-in AI medium confidence	27.4	Up to date	None found	89
Redirection medium confidence	5.7.5	Up to date	None found	97
SEO Fields API Support medium confidence	1.1	Up to date	None found	100

Unlock the full security analysis

Get the full breakdown of your site's security posture:

All 5 detected plugins

CVE details & patch status

Security header analysis

Exposed paths & TLS audit

DNS & email security

CT log subdomain discovery

Security Report

one-time

$49USD

Full report for this site
Every detected plugin & CVE
Remediation guidance
No re-audit after fixes

Get Report — $49

Recommended

Report + Re-audit

best value

$99USD

Everything in Security Report
One complimentary re-audit within 90 days
Verify your fixes actually closed the findings
Clean-record badge for your site

Get Report + Re-audit — $99

Guided Remediation

small business

$299USD

Everything in Report + Re-audit
15–30 min expert consult to triage findings
Prioritized action plan for your site
Optional partner handoff for fixes

Get Guided Remediation — $299

One-time payment · Instant access · No subscription required

Not ready to buy? We'll send you a one-time free alert

if we detect a new vulnerability affecting your plugins.

One free alert · Continuous monitoring available with a paid plan

Security Posture

Security Headers

TLS/SSL

Exposed Paths

Email Security

Security Headers

83/100

Content-Security-Policy

CSP is configured, helping prevent XSS and injection attacks.

Strict-Transport-Security

HSTS is enabled. Consider adding includeSubDomains for better protection.

X-Frame-Options

Clickjacking protection is enabled.

3 more checks — unlock full report to see all

TLS/SSL Certificate

Issuer

Expires

88 days

Protocol

TLSv1.3

Wildcard

Yes

Exposed Paths & Login Security

1 exposed

1 security issues found — unlock to see which paths are exposed.

DNS & Email Security

SPF

SPF record with hard fail (-all) — strong email authentication.

DMARC

DMARC policy is set to reject — strongest protection against email spoofing.

DKIM

DKIM record found for selector "default". Email signatures can be verified.

Certificate Transparency

80 certificates found

Infrastructure

Server Software

Server: nginx

X-Powered-By

Technology stack exposed: Seravo. This header should be removed.

Web Application Firewall

No WAF detected. Consider adding one for additional protection.

WP Version Exposed

WordPress version 6.9.4 is exposed in the generator meta tag. Consider removing it.

Scan another site