New audit

showerwall.co.uk

Scanned Jun 19, 2026, 09:19 AM

Run a fresh audit — Upgrade
95
A · Safe
10
Plugins Detected
19
Active Vulnerabilities
6
Outdated Plugins
0
Abandoned

Security Assessment

Key findings for showerwall.co.uk

  • 19 active vulnerabilities detected across 10 plugins.
  • 6 plugins are outdated and should be updated.
  • 3 sensitive paths exposed to the public.

WordPress

Version hidden
Core installation

Active Theme

Not detected

Hosting Provider

AWS / Amazon
Infrastructure

Detected Plugins

10 total
PluginVulnerabilities
WooCommerce
WooCommerce
medium confidence
+5 more
+4 more
+1 more
WP Store Locator
WP Store Locator
medium confidence
19 total vulnerabilities detected across 10 plugins

Your full security report is ready

We found 10 plugins on this site. Unlock the complete analysis:

All 10 detected plugins
CVE details & patch status
Security header analysis
Exposed paths & TLS audit
DNS & email security
CT log subdomain discovery

Security Report

one-time
$49USD
  • Full report for this site
  • Every detected plugin & CVE
  • Remediation guidance
  • No re-audit after fixes
Get Report — $49
Recommended

Report + Re-audit

best value
$99USD
  • Everything in Security Report
  • One complimentary re-audit within 90 days
  • Verify your fixes actually closed the findings
  • Clean-record badge for your site

Guided Remediation

small business
$299USD
  • Everything in Report + Re-audit
  • 15–30 min expert consult to triage findings
  • Prioritized action plan for your site
  • Optional partner handoff for fixes
Get Guided Remediation — $299

One-time payment · Instant access · No subscription required

Not ready to buy? We'll send you a one-time free alert

if we detect a new vulnerability affecting your plugins.

One free alert · Continuous monitoring available with a paid plan

Security Posture

C
Security Headers
A
TLS/SSL
F
Exposed Paths
B
Email Security

Security Headers

64/100
Content-Security-Policy

No Content-Security-Policy header. Your site is more vulnerable to XSS attacks.

Strict-Transport-Security

HSTS max-age is too short. Recommended: at least 1 year (31536000).

X-Frame-Options

Clickjacking protection is enabled.

4 more checks — unlock full report to see all

TLS/SSL Certificate

Issuer
YR1
Expires
73 days
Protocol
TLSv1.3
Wildcard
Yes

Exposed Paths & Login Security

3 exposed

3 security issues found — unlock to see which paths are exposed.

DNS & Email Security

SPF

SPF record with hard fail (-all) — strong email authentication.

DMARC

DMARC policy is set to none — monitoring only, not enforcing.

DKIM

DKIM record found for selector "default". Email signatures can be verified.

Infrastructure

Server Software

Server: LiteSpeed

X-Powered-By

X-Powered-By header is not exposed.

Web Application Firewall

No WAF detected. Consider adding one for additional protection.