retry.ae

Scanned Apr 3, 2026, 06:02 AM

Re-scan — Upgrade

A · Safe

Plugins Detected

Active Vulnerabilities

Outdated Plugins

Abandoned

Security Assessment

Key findings for retry.ae

6 active vulnerabilityies detected across 11 plugins.
2 plugins are outdated and should be updated.
2 plugins have been abandoned by the developer.
Security headers grade F — 4 important headers are missing.
Active theme "salient" has 2 known vulnerabilityies.

WordPress

Version 6.9.4

Core installation

Active Theme

salient v4.7.1

Outdated2 active vulns

Hosting Provider

Unknown

Infrastructure

Detected Plugins

11 total

Plugin	Version	Status	Vulnerabilities	Score
Contact Form 7 high confidence	6.1.3→6.1.5	Outdated	None found	89
salient-core medium confidence	1.0	Outdated	mediumCVE-2025-59001 highCVE-2024-3812 +2 more	93
sitepress-multilingual-cms medium confidence		Up to date	None found	81
Invisible Anti Spam for Contact Form 7 (Simple No-Bot) medium confidence	2.2.5	Abandoned	None found	85
Contact Form 7 Cost Calculator (Add-on for CF7) medium confidence	1.0.0	Abandoned	None found	85

6 total vulnerabilityies detected across 11 plugins

Your full security report is ready

We found 11 plugins on this site. Unlock the complete analysis:

All 11 detected plugins

CVE details & patch status

Security header analysis

Exposed paths & TLS audit

DNS & email security

CT log subdomain discovery

Unlock Full Report — $4.99

One-time payment · Instant access · No subscription required

Not ready to buy? We'll send you a one-time free alert

if we detect a new vulnerability affecting your plugins.

One free alert · Continuous monitoring available with a paid plan

Security Posture

Security Headers

TLS/SSL

Exposed Paths

Email Security

Security Headers

17/100

Content-Security-Policy

No Content-Security-Policy header. Your site is more vulnerable to XSS attacks.

Strict-Transport-Security

No HSTS header. Browsers can be tricked into using insecure HTTP connections.

X-Frame-Options

No clickjacking protection. Your site can be embedded in malicious iframes.

3 more checks — unlock full report to see all

TLS/SSL Certificate

Issuer

R12

Expires

88 days

Protocol

TLSv1.3

Wildcard

Exposed Paths & Login Security

0 exposed

No critical paths exposed. Unlock for the full breakdown.

DNS & Email Security

SPF

SPF record with soft fail (~all) — good email authentication.

DMARC

DMARC policy is set to none — monitoring only, not enforcing.

DKIM

No DKIM record found for common selectors. Email authenticity cannot be verified (or uses a non-standard selector).

Infrastructure

Server Software

Server: nginx

X-Powered-By

Technology stack exposed: PHP/8.4.19, PleskLin. This header should be removed.

PHP Version

PHP 8.4.19 is supported.

Web Application Firewall

No WAF detected. Consider adding one for additional protection.

WP Version Exposed

WordPress version 6.9.4 is exposed in the generator meta tag. Consider removing it.

Scan another site