Does Vulners Scanner have any unpatched vulnerabilities?

No published vulnerabilities and no findings under coordinated disclosure as of the latest data update. Always keep the plugin updated to the latest version.

Is Vulners Scanner compatible with WordPress 6.4.8?

According to WordPress.org data, Vulners Scanner 1.3 has been tested up to WordPress 6.4.8. Check the plugin's changelog for the latest compatibility information.

How often is Vulners Scanner updated?

Vulners Scanner was last updated on Mar 20, 2024. Frequent updates are generally a positive security signal.

What is Vulners Scanner's security score?

Vulners Scanner has a WP-Safety security score of 85/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Vulners Scanner Security & Risk Analysis

wordpress.org/plugins/vulners-scanner

This is a WordPress plugin using Vulners service. It helps one to find vulnerabilities in OS packages and installed WP-plugins using Vulners scanner A …

10 active installs v1.3 PHP + WP + Updated Mar 20, 2024

externalvulnerability-assessment

A · Safe

CVEs total0

Unpatched0

Last CVENever

Plugin page Download

Safety Verdict

Is Vulners Scanner Safe to Use in 2026?

Generally Safe

Score 85/100

Vulners Scanner has no known CVEs and is actively maintained. It's a solid choice for most WordPress installations.

No known CVEs Updated 2yr ago

Risk Assessment

The "vulners-scanner" plugin v1.3 demonstrates a generally good security posture with no known vulnerabilities in its history. The static analysis reveals a relatively small attack surface with all identified entry points (AJAX handlers) seemingly protected by authentication. The plugin also correctly utilizes prepared statements for its SQL queries and implements nonce checks on its AJAX endpoints. However, there are several areas of concern. The presence of the `exec` function is a significant red flag, as it can be a gateway to command injection vulnerabilities if user-supplied data is not rigorously sanitized before being passed to it. Furthermore, the output escaping is only moderately effective at 57%, indicating potential for cross-site scripting (XSS) vulnerabilities. The lack of capability checks on its AJAX handlers is also a weakness, as it means that any authenticated user, regardless of their role, could potentially trigger these actions, increasing the risk of unauthorized operations.

Key Concerns

Presence of dangerous 'exec' function
Moderate output escaping (57% proper)
No capability checks on AJAX handlers

Vulnerabilities

None known

Vulners Scanner Security Vulnerabilities

No known vulnerabilities — this is a good sign.

Version History

Vulners Scanner Release Timeline

v1.3Current

v1.2

v1.1

v1.0

Code Analysis

Analyzed Mar 16, 2026

Vulners Scanner Code Analysis

Dangerous Functions

Raw SQL Queries

0 prepared

Unescaped Output

4 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Dangerous Functions Found

execexec($cmd, $out);index.php:248

Output Escaping

57% escaped7 total outputs

Attack Surface

Vulners Scanner Attack Surface

Entry Points3

Unprotected0

AJAX Handlers 3

authwp_ajax_vulners_audit_osindex.php:442

authwp_ajax_vulners_audit_pluginsindex.php:443

authwp_ajax_vulners_get_last_scansindex.php:444

WordPress Hooks 8

actionadmin_initindex.php:480

actionadmin_menuindex.php:517

actionadmin_enqueue_scriptsindex.php:539

actionadmin_menuindex.php:558

actionadmin_noticesindex.php:596

filtercron_schedulesindex.php:618

actionvulners_cron_hookindex.php:627

actionadmin_initindex.php:637

Scheduled Events 1

vulners_cron_hook

Maintenance & Trust

Vulners Scanner Maintenance & Trust

Maintenance Signals

WordPress version tested6.4.8

Last updatedMar 20, 2024

PHP min version

Downloads2K

Community Trust

Rating0/100

Number of ratings0

Active installs10

Alternatives

Vulners Scanner Alternatives

Broken Link Checker

broken-link-checker

Broken Link Checker helps you catch broken links & images fast, before they hurt your SEO or UX. Scan and bulk-fix issues from one easy dashboard.

500K 12 CVEs

Broken Link Checker by AIOSEO – Easily Fix/Monitor Internal and External links

broken-link-checker-seo

Broken Link Checker by AIOSEO ensures all links on your website are working. Check your site for broken links and easily fix them to improve SEO.

300K 3 CVEs

Page Links To

page-links-to

100

Lets you make a WordPress page (or port or other content type) link to a URL of your choosing (on your site, or on another site), instead of its norma …

100K No CVEs

External Links – nofollow, noopener & new window

wp-external-links

Internal links & external links manager: open in new window or tab, control nofollow, ugc, sponsored & noopener. SEO friendly.

90K 3 CVEs

External Links in New Window / New Tab

open-external-links-in-a-new-window

Open external links in a new window or new tab. SEO optimized and XHTML Strict compliant.

30K 2 CVEs

Developer Profile

Vulners Scanner Developer Profile

Vulners.com

1 plugin · 10 total installs

trust score

Avg Security Score

85/100

Avg Patch Time

30 days

View full developer profile

Detection Fingerprints

How We Detect Vulners Scanner

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/vulners-scanner/css/vulners.css/wp-content/plugins/vulners-scanner/js/vulners.js

Script Paths

/wp-content/plugins/vulners-scanner/js/vulners.js

Version Parameters

vulners-scanner/css/vulners.css?ver=vulners-scanner/js/vulners.js?ver=

HTML / DOM Fingerprints

JS Globals

vulners_global_vars

FAQ