[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fNuLpWMpeQlM6JM-vPUy4KhutaRHNazn940eUdLv23ZA":3},{"slug":4,"name":5,"version":6,"author":7,"author_profile":8,"description":9,"short_description":10,"active_installs":11,"downloaded":12,"rating":13,"num_ratings":13,"last_updated":14,"tested_up_to":15,"requires_at_least":16,"requires_php":9,"tags":17,"homepage":23,"download_link":24,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27,"vulnerabilities":28,"developer":29,"crawl_stats":26,"alternatives":36,"analysis":143,"fingerprints":206},"whook-security","Whook Security","1.3","darteweb","https:\u002F\u002Fprofiles.wordpress.org\u002Fdarteweb\u002F","","Our plugin Scans other plugins vulnerabilities listed in the WPScan Database of vulnerabilities.",10,1534,0,"2018-04-12T12:50:00.000Z","4.9.29","3.4",[18,19,20,21,22],"hack","scan","security","vulnerability","wpscan","http:\u002F\u002Fwww.darteweb.com","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwhook-security.1.3.zip",85,null,"2026-03-15T15:16:48.613Z",[],{"slug":7,"display_name":7,"profile_url":8,"plugin_count":30,"total_installs":31,"avg_security_score":32,"avg_patch_time_days":33,"trust_score":34,"computed_at":35},3,20,90,30,87,"2026-04-04T21:23:07.597Z",[37,56,75,98,121],{"slug":22,"name":38,"version":39,"author":40,"author_profile":41,"description":42,"short_description":43,"active_installs":44,"downloaded":45,"rating":46,"num_ratings":47,"last_updated":48,"tested_up_to":49,"requires_at_least":16,"requires_php":50,"tags":51,"homepage":53,"download_link":54,"security_score":55,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"WPScan – WordPress Security Scanner","1.16","ethicalhack3r","https:\u002F\u002Fprofiles.wordpress.org\u002Fethicalhack3r\u002F","\u003Cp>\u003Cstrong>Please note:\u003C\u002Fstrong> This plugin is no longer actively supported for non-enterprise customers. \u003Cstrong>We recommend using \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fjetpack-protect\u002F\" rel=\"ugc\">Jetpack Protect\u003C\u002Fa>\u003C\u002Fstrong> – a free security plugin for WordPress that leverages the extensive database of WPScan. Jetpack Protect scans your site and warns you about vulnerabilities, keeping your site one step ahead of security threats and malware.\u003C\u002Fp>\n\u003Cp>The WPScan WordPress security plugin is unique in that it uses its own manually curated \u003Ca href=\"https:\u002F\u002Fwpscan.com\u002F\" rel=\"nofollow ugc\">WPScan WordPress Vulnerability Database\u003C\u002Fa>. The vulnerability database has been around since 2014 and is updated on a daily basis by dedicated WordPress security specialists and the community at large. The database includes more than 21,000 known security vulnerabilities. The plugin uses this database to scan for \u003Ca href=\"https:\u002F\u002Fwpscan.com\u002Fwordpresses\" rel=\"nofollow ugc\">WordPress vulnerabilities\u003C\u002Fa>, \u003Ca href=\"https:\u002F\u002Fwpscan.com\u002Fplugins\" rel=\"nofollow ugc\">plugin vulnerabilities\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fwpscan.com\u002Fthemes\" rel=\"nofollow ugc\">theme vulnerabilities\u003C\u002Fa>, and has the options to schedule automated daily scans and to send email notifications.\u003C\u002Fp>\n\u003Cp>WPScan has a Free API plan that should be suitable for most WordPress websites, however, also has paid plans for users who may need more API calls. To use the WPScan WordPress Security Plugin you will need to use a free API token by \u003Ca href=\"https:\u002F\u002Fwpscan.com\u002F\" rel=\"nofollow ugc\">registering here\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>The Free plan allows 25 API requests per day. View the different available \u003Ca href=\"https:\u002F\u002Fwpscan.com\u002Fapi\" rel=\"nofollow ugc\">API plans\u003C\u002Fa>.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Ch4>How many API requests do you need?\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Our WordPress scanner makes one API request for the WordPress version, one request per installed plugin and one request per installed theme.\u003C\u002Fli>\n\u003Cli>On average, a WordPress website has 22 installed plugins.\u003C\u002Fli>\n\u003Cli>The Free plan should cover around 50% of all WordPress websites.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Security Checks\u003C\u002Fh4>\n\u003Cp>The WPScan WordPress Security Plugin will also check for other security issues, which do not require an API token, such as:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Check for debug.log files\u003C\u002Fli>\n\u003Cli>Check for wp-config.php backup files\u003C\u002Fli>\n\u003Cli>Check if XML-RPC is enabled\u003C\u002Fli>\n\u003Cli>Check for code repository files\u003C\u002Fli>\n\u003Cli>Check if default secret keys are used\u003C\u002Fli>\n\u003Cli>Check for exported database files\u003C\u002Fli>\n\u003Cli>Weak passwords\u003C\u002Fli>\n\u003Cli>HTTPS enabled\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>What does the plugin do?\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Scans for known WordPress vulnerabilities, plugin vulnerabilities and theme vulnerabilities;\u003C\u002Fli>\n\u003Cli>Does additional security checks;\u003C\u002Fli>\n\u003Cli>Shows an icon on the Admin Toolbar with the total number of security vulnerabilities found;\u003C\u002Fli>\n\u003Cli>Notifies you by mail when new security vulnerabilities are found.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Further Reading\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpscan.com\u002F\" rel=\"nofollow ugc\">WPScan WordPress Vulnerability Database\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fwpscan.com\u002Fwordpress-security-scanner\" rel=\"nofollow ugc\">WPScan WordPress Security Scanner\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Ftwitter.com\u002F_wpscan_\" rel=\"nofollow ugc\">WPScan Twitter\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n","WPScan WordPress Security Scanner - Scans your system for security vulnerabilities listed in the WPScan Vulnerability Database.",9000,266474,76,28,"2026-01-12T13:09:00.000Z","6.9.4","5.5",[18,20,21,22,52],"wpvulndb","http:\u002F\u002Fwordpress.org\u002Fplugins\u002Fwpscan\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwpscan.1.16.zip",100,{"slug":57,"name":58,"version":59,"author":60,"author_profile":61,"description":62,"short_description":63,"active_installs":64,"downloaded":65,"rating":66,"num_ratings":67,"last_updated":68,"tested_up_to":9,"requires_at_least":69,"requires_php":9,"tags":70,"homepage":9,"download_link":74,"security_score":25,"vuln_count":13,"unpatched_count":13,"last_vuln_date":26,"fetched_at":27},"n0wpscan","N0WPScan","5.6","GeekParadize","https:\u002F\u002Fprofiles.wordpress.org\u002Fwartraxx93\u002F","\u003Cp>We love security testing, we do it! We love WPSCAN, we use it! However we don’t love people abusing WPSCAN and other automated methods to try and gain access to WordPress sites through known and often easy vulnerabilities. N0WPScan is not a silver bullet, but it will stop unskilled attackers, bots and automated attacks which account for over 90% of all WordPress breaches. The other 10% can be offset with a good firewall, IDS and NSM services. Server load will also be lower and sites faster as this tool will prevent a lot of WordPress related automated testing.\u003C\u002Fp>\n\u003Cp>[!] You can prevent most of the common attacks simply by keeping plugins, themes and the core WordPress framework updated\u003C\u002Fp>\n\u003Cp>Benefits\u003Cbr \u002F>\n*   Disables access to admin for everyone except admins and editors\u003Cbr \u002F>\n*   Disables the use of WPScan, a tool commonly used by hackers to attack WordPress, also blocks other automated WP scanners\u003Cbr \u002F>\n*   Blocks hackers from scanning your website for admin users, vulnerable themes, vulnerable plugins and exposed files\u003Cbr \u002F>\n*   Reduces the load on your server\u003Cbr \u002F>\n*   Prevents access to sensitive files\u003C\u002Fp>\n","Secure your Wordpress of WPScan Prevent hackers using WPScan to find vulnerabilities in your site, disable this plugin when you are security testing o &hellip;",40,3536,80,2,"2020-01-15T19:40:00.000Z","5.2",[71,72,73,20,22],"firewall","hackers","scanning","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fn0wpscan.zip",{"slug":76,"name":77,"version":78,"author":79,"author_profile":80,"description":81,"short_description":82,"active_installs":83,"downloaded":84,"rating":85,"num_ratings":86,"last_updated":87,"tested_up_to":49,"requires_at_least":88,"requires_php":89,"tags":90,"homepage":93,"download_link":94,"security_score":95,"vuln_count":96,"unpatched_count":13,"last_vuln_date":97,"fetched_at":27},"stop-user-enumeration","Stop User Enumeration","1.7.7","fullworks","https:\u002F\u002Fprofiles.wordpress.org\u002Ffullworks\u002F","\u003Cp>Stop User Enumeration is a security plugin designed to detect and prevent hackers scanning your site for user login names.\u003C\u002Fp>\n\u003Cp>User Enumeration is a type of attack where nefarious parties can probe your website to discover your login name. This is often a pre-cursor to brute-force password attacks. Stop User Enumeration helps block this initial attack and allows you to log IPs launching these attacks to block further attacks in the future.\u003C\u002Fp>\n\u003Cp>Tools like WPSCAN are designed for use by ethical hackers and make efforts to find user login names. Ethical hackers ask permission first, this plugin is designed to reduce the tools when used without permission and when used in conjunction with fail2ban can block those attempts at the firewall.\u003C\u002Fp>\n\u003Cp>If you are on a VPS or dedicated server, as the attack IP is logged, you can use (optional additional configuration) fail2ban to block the attack directly at your server’s firewall, a very powerful solution for VPS owners to stop brute force attacks as well as DDoS attacks.\u003C\u002Fp>\n\u003Cp>If you don’t have access to install fail2ban ( e.g. on a Shared Host ) you can still use this plugin.\u003C\u002Fp>\n\u003Cp>The plugin can stop the user id being leaked by the oEmbed API call.\u003C\u002Fp>\n\u003Cp>Since WordPress 4.5 user data can also be obtained by API calls without logging in, this is a WordPress feature, but if you don’t need it to get user data, this\u003Cbr \u002F>\nplugin will restrict and log that too.\u003C\u002Fp>\n\u003Cp>Since WordPress 5.5  sitemaps are generated by core WP  ( wp-sitemap.xml ) which includes a user\u002Fauthor sitemap that exposes the user id.  You can enable \u002F disable this in the plugin settings.\u003C\u002Fp>\n\u003Ch4>PHP 8.4 compatible\u003C\u002Fh4>\n\u003Cp>Tested on PHP 8.4\u003C\u002Fp>\n\u003Ch4>Features Include\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>Blocks user enumeration requests by GET or POST\u003C\u002Fli>\n\u003Cli>Syslogs a block so Fail2Ban can be used to block an IP\u003C\u002Fli>\n\u003Cli>Optionally blocks REST API user requests for non authorized users\u003C\u002Fli>\n\u003Cli>Optionally removes author sitemap\u003C\u002Fli>\n\u003Cli>Optionally removes author from OEMBED\u003C\u002Fli>\n\u003Cli>Optionally removes numbers from comment authors\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Privacy\u003C\u002Fh3>\n\u003Cp>This plugin includes an optional email feature for plugin news and updates. When enabled:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Your email address may be sent to https:\u002F\u002Ffullworksplugins.com for important plugin updates and security notices\u003C\u002Fli>\n\u003Cli>This is completely optional and requires your explicit consent via the opt-in form in the plugin settings\u003C\u002Fli>\n\u003Cli>No data is collected or transmitted without your permission\u003C\u002Fli>\n\u003Cli>You can opt-out at any time from the plugin settings\u003C\u002Fli>\n\u003Cli>No other personal data is collected or transmitted to external services\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>The plugin logs attempted user enumeration attacks locally using WordPress’s standard logging system:\u003Cbr \u002F>\n* IP addresses of potential attackers are logged locally for security monitoring\u003Cbr \u002F>\n* These logs remain on your server and are not transmitted to any external service\u003Cbr \u002F>\n* Logs can be used with fail2ban or similar tools for enhanced security\u003C\u002Fp>\n\u003Cp>For more information about data handling, please visit https:\u002F\u002Ffullworksplugins.com\u002Fprivacy-policy\u002F\u003C\u002Fp>\n","Helps secure your site against hacking attacks through detecting  User Enumeration",50000,1305856,98,128,"2025-12-15T10:48:00.000Z","6.3","7.4",[91,20,92,22],"fail2ban","user-enumeration","https:\u002F\u002Ffullworksplugins.com\u002Fproducts\u002Fstop-user-enumeration\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fstop-user-enumeration.1.7.7.zip",91,6,"2025-06-26 00:00:00",{"slug":99,"name":100,"version":101,"author":102,"author_profile":103,"description":104,"short_description":105,"active_installs":106,"downloaded":107,"rating":108,"num_ratings":109,"last_updated":110,"tested_up_to":49,"requires_at_least":111,"requires_php":59,"tags":112,"homepage":117,"download_link":118,"security_score":119,"vuln_count":30,"unpatched_count":13,"last_vuln_date":120,"fetched_at":27},"wp-malware-removal","Malcure Malware Shield — Removal, Repair, Monitor","19.8","Malcure Web Security","https:\u002F\u002Fprofiles.wordpress.org\u002Fmalcure\u002F","\u003Cp>Is your website acting strangely? Seeing ‘Deceptive Site Ahead’ warnings, Japanese spam, SEO spam, or random redirects? Time to fix and monitor your site with \u003Cstrong>Malcure Malware Shield\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Ch3>Malcure Malware Shield: The Powerful Antivirus\u003C\u002Fh3>\n\u003Cp>Just as your computer requires antivirus, your website demands specialized \u003Cstrong>antivirus-grade protection\u003C\u002Fstrong>. Malcure Malware Shield delivers comprehensive, \u003Cstrong>antivirus-style\u003C\u002Fstrong> detection with advanced signatures to identify viruses, trojans, backdoors, adware, and ransomware. Unlike basic security plugins, it operates with the precision of an antivirus engine, scanning every layer of your site—from core files to the database—to ensure your website remains virus-free and secure.\u003C\u002Fp>\n\u003Ch3>Malware Removal, Hack Repair & SEO Spam Cleanup\u003C\u002Fh3>\n\u003Cp>Malware attacks are evolving. Standard scanners often miss hidden backdoors and database infections. If your current security plugin says “All Clear” but your site is still broken, you need \u003Cstrong>Malcure Malware Shield\u003C\u002Fstrong>.\u003C\u002Fp>\n\u003Cp>\u003Cstrong>Malcure Malware Shield\u003C\u002Fstrong> is the intelligent, lightweight security solution. We believe security should be simple on the surface but deep under the hood. No complex settings. No bloat. Just activate and scan.\u003C\u002Fp>\n\u003Cp>Lightweight, API-driven scanning runs only on demand or on scheduled scans — no persistent background processes.\u003C\u002Fp>\n\u003Cp>Unlike scanners that delay new malware definitions for days, Malcure delivers real-time threat intelligence to every user so you’re protected against the latest threats as soon as they emerge.\u003C\u002Fp>\n\u003Ch3>What Our Users Say\u003C\u002Fh3>\n\u003Cp>Quotes are verbatim from WordPress.org support reviews, except for bracketed edits (for example, competitor names removed).\u003C\u002Fp>\n\u003Ch4>Best by far, better than [competitor name removed] and other giants\u003C\u002Fh4>\n\u003Cblockquote>\n\u003Cp>“You can see it is a bunch of geeks that created this, with skill and visual creativity at that. I spent hours trying to find a plugin like this. So many options and such bad results until now. Great job guys. You deserve it. Simple and effective. (Disclaimer to other potential readers: there are many types of hacks\u002Fmalware out there, every scenario is different, but start with the Malcure scan and see how it goes. 9\u002F10 you won’t be disappointed, my guess)” — \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Ftopic\u002Fbest-by-far-better-than-wordfence-and-other-giants\u002F\" rel=\"ugc\">@dalingzaf\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Ch4>The ONLY plugin that scans files…\u003C\u002Fh4>\n\u003Cblockquote>\n\u003Cp>“I am a web developer and have tried many malware removal plugins, including popular ones [competitor names removed]. However, none of them detected some unusual files that were actually malware causing regular attacks. Some of these files were in JPG format.” — \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Ftopic\u002Fthe-only-plugin-that-scans-files-in-real-time-2\u002F\" rel=\"ugc\">@devzeeshanx\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Ch4>Best Malware Removal Plugin in just few minutes\u003C\u002Fh4>\n\u003Cblockquote>\n\u003Cp>“Most security plugins that are free only scan the code, but Malcure Malware Removal Plugin scans the wordpress database and the code files in few minutes. Accurately shows which Database table row is infected and it helps resolve the hacking attempt instantly. Saves a lot of time for the developers. Thank You Team Malcure” — \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Ftopic\u002Fbest-malware-removal-plugin-in-just-few-minutes\u002F\" rel=\"ugc\">@s3630\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Ch4>It’s not just a “teaser”\u003C\u002Fh4>\n\u003Cblockquote>\n\u003Cp>“This plugin really found the malware, and removed it. Really for free. Thanks guys, I’m going to donate now!” — \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002Ftopic\u002Fits-not-just-a-teaser\u002F\" rel=\"ugc\">@halucska\u003C\u002Fa>\u003C\u002Fp>\n\u003C\u002Fblockquote>\n\u003Ch3>Malware Removal & Hack Repair\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Checksum Verification:\u003C\u002Fstrong> We verify core, plugin, and theme file integrity against the official repository checksums served by our SaaS API endpoint.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Deep Scan:\u003C\u002Fstrong> If checksums fail, Malcure runs a full scan against malware detection signatures detecting estimated 50,000+ variants.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Inspect & Repair:\u003C\u002Fstrong> Inspect infected database records and files. Assists in cleaning compromised files and database entries.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>SEO Spam Specialist:\u003C\u002Fstrong> Detects and removes the notorious “Japanese Keyword Hack” and pharma spam from your files and database, helping restore your Google rankings.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Virus Scanner & Threat Detection\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Database Scan:\u003C\u002Fstrong> Scans database tables for malicious injections and spam links.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>File Scan:\u003C\u002Fstrong> Scans core files, themes, plugins, images, and uploads for backdoors and obfuscated code.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Vulnerability Detection:\u003C\u002Fstrong> Checks your core, plugins, and themes for known security flaws.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>DeepScan™ Technology:\u003C\u002Fstrong> Scans backups, archives, images, and hidden files where malware hides.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Ultra-High Precision:\u003C\u002Fstrong> Uses intelligent checksum verification (comparing your files to official core\u002Fplugin\u002Ftheme checksums) to dramatically reduce false alarms compared to heuristic-only scanners.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Intelligent Health Monitor\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Always-On Guard:\u003C\u002Fstrong> Continuous monitoring via \u003Cstrong>Scheduled Scans\u003C\u002Fstrong> (daily\u002Fweekly\u002Fmonthly) configurable cadence.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Instant Alerts:\u003C\u002Fstrong> Every time a scheduled scan completes, you get an instant email report telling you if your site is clean or infected.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Event Log:\u003C\u002Fstrong> Track the events leading up to a malware incident for faster root-cause analysis.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Powered by Malcure API: Real-Time Threat Intelligence\u003C\u002Fh3>\n\u003Cp>Hackers don’t sleep, and neither do we. Malcure Malware Shield connects to our real-time API to fetch the latest threat definitions.\u003C\u002Fp>\n\u003Cp>This plugin relies on the Malcure API to provide real-time threat intelligence and checksum verification.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Data Transmission:\u003C\u002Fstrong> To perform scans, the plugin sends file checksums and your site’s domain to Malcure servers. No sensitive user data is transmitted.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Terms & Privacy:\u003C\u002Fstrong> Use of the API is subject to our \u003Ca href=\"https:\u002F\u002Fwww.malcure.com\u002F?p=1720&utm_source=readme&utm_medium=web&utm_campaign=wpmr\" rel=\"nofollow ugc\">Terms of Use\u003C\u002Fa> and \u003Ca href=\"https:\u002F\u002Fmalcure.com\u002F?p=3&utm_source=readme&utm_medium=web&utm_campaign=wpmr\" rel=\"nofollow ugc\">Privacy Policy\u003C\u002Fa>.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Zero-Day Alerts:\u003C\u002Fstrong> Our API serves new threat-intelligence in real-time, ensuring the site is scanned against the latest vulnerabilities.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Smart Checksums:\u003C\u002Fstrong> We verify your core files, themes, and plugins against the official repository checksums using our API, ensuring absolute integrity.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Lightweight:\u003C\u002Fstrong> The scanner only uses minimum resources to keep your server fast and responsive.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Why Keep Malcure Malware Shield Installed?\u003C\u002Fh3>\n\u003Ch4>Reinfection Risk & Continuous Monitoring\u003C\u002Fh4>\n\u003Cp>Malware cleanup is not a one-and-done task. New vulnerabilities and reinfections can appear without warning, so continuous monitoring and scheduled scans help catch issues early—before SEO damage, blacklists, or downtime. You get email notification with the results to rest assured that the site is clean or when immediate action is required.\u003C\u002Fp>\n\u003Cp>Cleaning your site is just step one. Malcure is your anti-malware health monitor.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Continuous Monitoring:\u003C\u002Fstrong> Scheduled scans watch your site for changes so you don’t have to.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Real-Time Event Log:\u003C\u002Fstrong> See exactly what’s happening on your site.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Early Warning:\u003C\u002Fstrong> Catch new infections before Google blacklists you.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Recurrence Prevention:\u003C\u002Fstrong> Scheduled scans and integrity checks catch reinfections before they spread.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>No Bloat:\u003C\u002Fstrong> Designed to run on-demand or as per schedule without slowing down your site.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Who This Plugin Is For\u003C\u002Fh3>\n\u003Cul>\n\u003Cli>\u003Cstrong>Site owners\u003C\u002Fstrong> who want clear, actionable results (what was flagged and where).\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Agencies & developers\u003C\u002Fstrong> who need fast triage across multiple sites.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WooCommerce \u002F membership \u002F lead-gen sites\u003C\u002Fstrong> where downtime, SEO brand-reputation damage are expensive.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Anyone\u003C\u002Fstrong> who wants a scanner that cuts through the noise to focus on \u003Cem>signal\u003C\u002Fem>—real threats with practical remediation paths.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>How It Works (Scan \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Review \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Clean \u003Cspan aria-hidden=\"true\" class=\"wp-exclude-emoji\">→\u003C\u002Fspan> Monitor)\u003C\u002Fh4>\n\u003Col>\n\u003Cli>\n\u003Cp>\u003Cstrong>Scan\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Go to \u003Cstrong>Malcure Scanner\u003C\u002Fstrong> in your Admin Dashboard.\u003C\u002Fli>\n\u003Cli>Run a scan to check your files and database for vulnerabilities, malware, backdoors, suspicious code, and integrity issues.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Review\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Malcure reports findings with clear locations (file paths \u002F database records) so you can verify what changed and why it was flagged.\u003C\u002Fli>\n\u003Cli>Use the results to decide what should be repaired, deleted, or kept (for example, legitimate custom code).\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Clean & Recover\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>The free edition helps you identify issues, inspect data and understand what needs fixing.\u003C\u002Fli>\n\u003Cli>The Advanced Edition adds Whitelisting, Advanced Scan Filters, File Operations, WP CLI Automation, Deployment, Bulk Client-Servicing Features, Background Scan & Premium Support (Expertise).\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\n\u003Cp>\u003Cstrong>Monitor\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cul>\n\u003Cli>Set up scheduled scans to keep your site continuously monitored.\u003C\u002Fli>\n\u003Cli>Get email alerts for new infections or integrity issues.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003C\u002Fol>\n\u003Ch4>Is It Free?\u003C\u002Fh4>\n\u003Cp>We believe in 100% transparency.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Free Forever:\u003C\u002Fstrong> Professional-grade Detection (Knowledge). You see every infected file and database row (exact file path & line number), so you can clean it yourself for free.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Free Forever:\u003C\u002Fstrong> Real-time Threat Intelligence & Monitoring.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Pro Upgrade:\u003C\u002Fstrong> Whitelisting, Advanced Scan Filters, File Operations, WP CLI Automation, Deployment, Bulk Client-Servicing Features, Background Scan & Premium Support (Expertise).\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Cstrong>You are never forced to pay to \u003Cem>find\u003C\u002Fem> a hack.\u003C\u002Fstrong>\u003C\u002Fp>\n\u003Cspan class=\"embed-youtube\" style=\"text-align:center; display: block;\">\u003Ciframe loading=\"lazy\" class=\"youtube-player\" width=\"750\" height=\"422\" src=\"https:\u002F\u002Fwww.youtube.com\u002Fembed\u002FEbSbxiTOc8k?version=3&rel=1&showsearch=0&showinfo=1&iv_load_policy=1&fs=1&hl=en-US&autohide=2&wmode=transparent\" allowfullscreen=\"true\" style=\"border:0;\" sandbox=\"allow-scripts allow-same-origin allow-popups allow-presentation allow-popups-to-escape-sandbox\">\u003C\u002Fiframe>\u003C\u002Fspan>\n\u003Ch4>Core Features (Free Forever)\u003C\u002Fh4>\n\u003Cul>\n\u003Cli>\u003Cstrong>Deep Malware Scan:\u003C\u002Fstrong> Scans core files, themes, plugins, images, and your entire database for vulnerabilities, viruses, trojans, backdoors, and \u003Ca href=\"https:\u002F\u002Fmalcure.com\u002F?p=60&utm_source=readme&utm_medium=web&utm_campaign=wpmr\" rel=\"nofollow ugc\">malicious redirects\u003C\u002Fa>.\n\u003Cul>\n\u003Cli>\u003Cstrong>Files:\u003C\u002Fstrong> Scans core files, themes, plugins, images, and uploads for backdoors, shells including variants like C99, R57, RootShell, dolohan, Crystal Shell, Matamu, Cybershell, W4cking, Sniper, Predator, Jackal, Phantasma, GFS, Dive, Dx, obfuscated code and many more known and unknown variants.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Database:\u003C\u002Fstrong> Scans database tables for malicious injections, recurring malware and spam links.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>SEO Spam Detection:\u003C\u002Fstrong> Specifically checks page titles and database records for “Japanese Keyword Hack”, “Pharma Hack” and other SEO spam symptoms.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Vulnerability Scanner:\u003C\u002Fstrong> Checks your installed plugins and themes against our real-time database of known security vulnerabilities.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Intelligent Checksum Verification:\u003C\u002Fstrong> Automatically verifies your core files, themes, and plugins against the official checksums. If a file has been tampered with, we know instantly.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Uncompromising Detection:\u003C\u002Fstrong> Detects variants like C99, R57, RootShell, dolohan, Crystal Shell, Matamu, Cybershell, W4cking, Sniper, Predator, Jackal, Phantasma, GFS, Dive, Dx, obfuscated code and many more known and unknown variants.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Attack Surface Hardening & Firewall:\u003C\u002Fstrong>\n\u003Cul>\n\u003Cli>\u003Cstrong>Block Path Traversal:\u003C\u002Fstrong> Stops attackers from accessing sensitive system files.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Block PHP Uploads:\u003C\u002Fstrong> Prevents malicious scripts from being uploaded to your site.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Stop User Enumeration:\u003C\u002Fstrong> Blocks bots from fishing for your username.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>REST API Protection:\u003C\u002Fstrong> Prevents user data leakage via the WP REST API.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>\u003Ca href=\"https:\u002F\u002Fmalcure.com\u002F?p=1622&utm_source=readme&utm_medium=web&utm_campaign=wpmr\" rel=\"nofollow ugc\">Security Hardening\u003C\u002Fa>:\u003C\u002Fstrong> Learn more about securing your site.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Recurrence Watchdog (Background Monitor):\u003C\u002Fstrong>\n\u003Cul>\n\u003Cli>\u003Cstrong>Set it and forget it:\u003C\u002Fstrong> Malcure runs silently in the background using scheduled scans (configurable cadence) + integrity baseline to monitor changes.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Stay Ahead:\u003C\u002Fstrong> Automatically catch new infections before they spread or damage your SEO rankings.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Incident Response Toolkit:\u003C\u002Fstrong>\n\u003Cul>\n\u003Cli>\u003Cstrong>Nuke User Sessions:\u003C\u002Fstrong> Instantly force-logout every user on the site to kick out intruders.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Salt Shuffler:\u003C\u002Fstrong> One-click rotation of \u003Ca href=\"https:\u002F\u002Fmalcure.com\u002F?p=5230&utm_source=readme&utm_medium=web&utm_campaign=wpmr\" rel=\"nofollow ugc\">security keys (salts)\u003C\u002Fa> to invalidate all browser cookies.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Forensic Flight Recorder (Event Log):\u003C\u002Fstrong> Track every security event. Know exactly \u003Cem>when\u003C\u002Fem> and \u003Cem>how\u003C\u002Fem> a breach might have occurred with our 100-day event log.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Google Search Console Integration:\u003C\u002Fstrong> Connect directly to Google to fetch security warnings and blacklist status in real-time.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Real-Time API Updates:\u003C\u002Fstrong> Connects to the Malcure Cloud to fetch the latest threats and vulnerabilities.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Upgrade to Advanced Edition\u003C\u002Fh4>\n\u003Cp>For mission-critical websites that demand comprehensive protection and recovery tools.\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>1-Click Surgical Repair:\u003C\u002Fstrong> Inspect, Delete, or Repair infected files instantly.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Advanced Whitelisting:\u003C\u002Fstrong> Stop false alarms. Supports files, folders, and \u003Cstrong>Database Records\u003C\u002Fstrong>.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>WP-CLI Integration:\u003C\u002Fstrong> Complete command-line control for automated scanning and reporting.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Automatic Definition Updates:\u003C\u002Fstrong> Definitions update automatically in the background.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>On-Demand Background Scans:\u003C\u002Fstrong> Trigger deep scans immediately without keeping your browser open.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Advanced Scan Filters:\u003C\u002Fstrong> For when you are specifically looking for something in the files or database or want to include, exclude specific files & directories\u003C\u002Fli>\n\u003Cli>\u003Cstrong>File Operations:\u003C\u002Fstrong> Critical file operations like deletion.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Bulk Client-Servicing Features:\u003C\u002Fstrong> Like copying scan results to generate report for clients.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Background Scan:\u003C\u002Fstrong> For when you want to trigger a scan and forget it. The scan continues and emails you upon completion.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Premium Support (Expertise):\u003C\u002Fstrong> When you want to consult or want to exploit advanced features or need help troubleshooting.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>High-Priority Support:\u003C\u002Fstrong> Direct access to our security analysts.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fmalcure.com\u002F?p=116&utm_source=readme&utm_medium=web&utm_campaign=wpmr\" rel=\"nofollow ugc\">\u003Cstrong>Get Malcure Advanced Edition\u003C\u002Fstrong>\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch4>Additional Resources for Malware Removal\u003C\u002Fh4>\n\u003Cp>Follow these expert guides to remove malware, recover lost traffic, and restore your online reputation:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fmalcure.com\u002F?p=1540&utm_source=readmefaq&utm_medium=web&utm_campaign=wpmr\" rel=\"nofollow ugc\">A step by step guide to remove the malware\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fmalcure.com\u002F?p=13946&utm_source=readmefaq&utm_medium=web&utm_campaign=wpmr\" rel=\"nofollow ugc\">Japanese Keyword Hack: How to Remove SEO Spam\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fmalcure.com\u002F?p=5728&utm_source=readmefaq&utm_medium=web&utm_campaign=wpmr\" rel=\"nofollow ugc\">What is the Pharma Hack & How to fix it\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fmalcure.com\u002F?p=14143&utm_source=readmefaq&utm_medium=web&utm_campaign=wpmr\" rel=\"nofollow ugc\">How to Fix Google Ads Disapproved for Malicious Software\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fmalcure.com\u002F?p=14477&utm_source=readmefaq&utm_medium=web&utm_campaign=wpmr\" rel=\"nofollow ugc\">How to Prevent SQL Injection Attacks\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fmalcure.com\u002F?p=5265&utm_source=readmefaq&utm_medium=web&utm_campaign=wpmr\" rel=\"nofollow ugc\">Live Malware Infection Removal & Analysis\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fmalcure.com\u002F?p=7207&utm_source=readmefaq&utm_medium=web&utm_campaign=wpmr\" rel=\"nofollow ugc\">How to Fix “This Site May Harm Your Computer” Warning\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fmalcure.com\u002F?p=60&utm_source=readmefaq&utm_medium=web&utm_campaign=wpmr\" rel=\"nofollow ugc\">Comprehensive Guide to Removing JavaScript Redirect Malware\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fmalcure.com\u002F?p=5699&utm_source=readmefaq&utm_medium=web&utm_campaign=wpmr\" rel=\"nofollow ugc\">How to Fix a Blank WP-Admin Page\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fmalcure.com\u002F?p=9102&utm_source=readmefaq&utm_medium=web&utm_campaign=wpmr\" rel=\"nofollow ugc\">Malcure WP CLI Integration & Cheatsheet\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fmalcure.com\u002F?p=14375&utm_source=readmefaq&utm_medium=web&utm_campaign=wpmr\" rel=\"nofollow ugc\">How to Prevent Brute Force Attacks\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fmalcure.com\u002F?p=5230&utm_source=readmefaq&utm_medium=web&utm_campaign=wpmr\" rel=\"nofollow ugc\">How to Change Salt Keys\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch4>Expert Malware Removal Service\u003C\u002Fh4>\n\u003Cp>In over your head? Our security analysts are on standby. We offer a complete \u003Cstrong>Malware Removal Service\u003C\u002Fstrong> that includes:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>100% Removal Guarantee:\u003C\u002Fstrong> We guarantee to remove all malware from your website.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Same Day Service:\u003C\u002Fstrong> Fast turnaround time to get your business back online.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Manual Inspection:\u003C\u002Fstrong> Our experts manually inspect critical files (htaccess, wp-config, index.php) and your database.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Blacklist Removal:\u003C\u002Fstrong> We handle the removal of your site from blacklists like Google, Norton, McAfee, etc.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Security Hardening:\u003C\u002Fstrong> We identify the root cause and patch vulnerabilities to prevent future infections.\u003C\u002Fli>\n\u003Cli>\u003Cstrong>15-Day Cover:\u003C\u002Fstrong> Security analysts available 24\u002F7\u002F365 to ensure your site stays clean.\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>\u003Ca href=\"https:\u002F\u002Fmalcure.com\u002F?p=107&utm_source=readme&utm_medium=web&utm_campaign=wpmr\" rel=\"nofollow ugc\">\u003Cstrong>Book Expert Malware Removal\u003C\u002Fstrong>\u003C\u002Fa>\u003C\u002Fp>\n\u003Ch3>Troubleshooting\u003C\u002Fh3>\n\u003Ch4>Some files are detected by Malcure Malware Shield as “suspicious”. What gives?\u003C\u002Fh4>\n\u003Cp>Malcure’s DeepScan checks each file for malware. However some files aren’t pure malware but may contain code that is suspicious and could potentially do nasty things. You should carefully review and analyse them to see if they indeed do anything nasty.\u003C\u002Fp>\n\u003Ch4>I can’t get Malcure Malware Shield to work. It hangs \u002F doesn’t complete the scan \u002F breaks for some reason.\u003C\u002Fh4>\n\u003Cp>If you think that the plugin is broken, \u003Ca href=\"https:\u002F\u002Fmalcure.com\u002F?p=5677&utm_source=readmefaq&utm_medium=web&utm_campaign=wpmr\" rel=\"nofollow ugc\">please report it here\u003C\u002Fa>.\u003C\u002Fp>\n\u003Cp>Malcure Malware Shield (or for that matter other plugins) may break on malware affected \u002F broken websites. \u003Ca href=\"https:\u002F\u002Fmalcure.com\u002F?p=116&utm_source=readmefaq&utm_medium=web&utm_campaign=wpmr\" rel=\"nofollow ugc\">Malcure Advanced Edition\u003C\u002Fa> integrates with WP CLI and allows you to complete the scan from WP CLI even when the site is blocked by the webhost or when you are unable to login to the website.\u003C\u002Fp>\n\u003Ch4>My site is infected however Malcure Malware Shield doesn’t detect the infection.\u003C\u002Fh4>\n\u003Cp>Malware keeps evolving. If you come across malware that Malcure Malware Shield is not able to identify, you may \u003Ca href=\"https:\u002F\u002Fmalcure.com\u002F?p=157&utm_source=readmefaq&utm_medium=web&utm_campaign=wpmr\" rel=\"nofollow ugc\">please report it here\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>The scan gets stuck midway. What should I do?\u003C\u002Fh4>\n\u003Cp>In case of such an event, please file a support request with us and we’ll be more than happy to troubleshoot the issue.\u003C\u002Fp>\n\u003Cp>Please visit \u003Ca href=\"https:\u002F\u002Fmalcure.com\u002F?p=5677&utm_source=readmefaq&utm_medium=web&utm_campaign=wpmr\" rel=\"nofollow ugc\">this page\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>I cleaned my site but it got infected again. What should I do?\u003C\u002Fh4>\n\u003Cp>Malware cleanup is a waste of time and effort unless you find the root cause behind the malware infection and monitor for recurrence. How was someone able to infect your website? Have you plugged in that security hole?\u003C\u002Fp>\n\u003Cp>Please read \u003Ca href=\"https:\u002F\u002Fmalcure.com\u002Fblog\u002Fsecurity\u002Fwhy-do-wordpress-websites-get-hacked\u002F?utm_source=readmefaq&utm_medium=web&utm_campaign=wpmr\" rel=\"nofollow ugc\">Why Do Websites Get Hacked\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>Google Safe Browsing site status (or some other scanner) still shows my site as infected. What should I do?\u003C\u002Fh4>\n\u003Cp>First make sure you purge your site cache. Second, Google (and other scanners) cache the results for some time. You’ll need to force or refresh the scan. You can also file a request with us to \u003Ca href=\"https:\u002F\u002Fwww.malcure.com\u002F?p=107&utm_source=readmefaq&utm_medium=web&utm_campaign=wpmr\" rel=\"nofollow ugc\">get your site off any blacklists\u003C\u002Fa>.\u003C\u002Fp>\n\u003Ch4>I found a suspicious file, what now?\u003C\u002Fh4>\n\u003Cp>If Malcure flags it, it’s likely malicious. You can inspect the file content using our built-in inspector. If you’re unsure, consider our \u003Ca href=\"https:\u002F\u002Fmalcure.com\u002F?p=107&utm_source=readme&utm_medium=web&utm_campaign=wpmr\" rel=\"nofollow ugc\">Expert Malware Removal Service\u003C\u002Fa>.\u003C\u002Fp>\n","Fast malware removal & security shield. Fix hacks, stop redirects, clean SEO spam. Real-time threat intelligence. No bloat.",10000,605372,88,69,"2026-02-13T05:45:00.000Z","3.7.4",[113,114,20,115,116],"antivirus","malware-scanner","virus","vulnerability-scanner","https:\u002F\u002Fmalcure.com\u002F?p=116&utm_source=plugin-header&utm_medium=web&utm_campaign=wpmr","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fwp-malware-removal.19.8.zip",96,"2025-09-03 00:00:00",{"slug":122,"name":123,"version":124,"author":125,"author_profile":126,"description":127,"short_description":128,"active_installs":44,"downloaded":129,"rating":130,"num_ratings":64,"last_updated":131,"tested_up_to":132,"requires_at_least":133,"requires_php":9,"tags":134,"homepage":138,"download_link":139,"security_score":140,"vuln_count":141,"unpatched_count":13,"last_vuln_date":142,"fetched_at":27},"exploit-scanner","Exploit Scanner","1.5.2","Donncha O Caoimh (a11n)","https:\u002F\u002Fprofiles.wordpress.org\u002Fdonncha\u002F","\u003Cp>This plugin searches the files on your website, and the posts and comments tables of your database for anything suspicious. It also examines your list of active plugins for unusual filenames.\u003C\u002Fp>\n\u003Cp>It does not remove anything. That is left to the user to do.\u003C\u002Fp>\n\u003Cp>Latest MD5 hash values for Exploit Scanner:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>17e2ccfc834d691bc68cc5c64f9bed89  exploit-scanner.php (1.5.2)\u003C\u002Fli>\n\u003Cli>1d5f9d6220fe159cd44cb70a998a1cd7  hashes-4.6.php\u003C\u002Fli>\n\u003Cli>fbdf61c17f65094c8e331e1e364acf68  hashes-4.6.1.php\u003C\u002Fli>\n\u003Cli>477d128d84802e3470cec408424a8de3  hashes-4.7.php\u003C\u002Fli>\n\u003Cli>d53210f999847fbd6f5a2ecac0ad42f2  hashes-4.7.5.php\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Latest SHA1 hash values for Exploit Scanner:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>1decc1e47a53d1cab9e8f1ef15b31682198367ee  exploit-scanner.php (1.5.2)\u003C\u002Fli>\n\u003Cli>5cec64380a2acdc876fd22fbbbbf8c335df1ed3f  hashes-4.6.php\u003C\u002Fli>\n\u003Cli>99d9e7be23a350f3d1962d0f41e7b4e28c00841e  hashes-4.6.1.php\u003C\u002Fli>\n\u003Cli>1eeab377a1afc6d776827a063678d2461b29e71d  hashes-4.7.php\u003C\u002Fli>\n\u003Cli>8c890a6af26bb74e9d17e5d2b21d6be27764da45  hashes-4.7.5.php\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>See the \u003Ca href=\"http:\u002F\u002Focaoimh.ie\u002Fexploit-scanner\u002F\" rel=\"nofollow ugc\">Exploit Scanner homepage\u003C\u002Fa> for further information.\u003C\u002Fp>\n\u003Ch3>Interpreting the Results\u003C\u002Fh3>\n\u003Cp>It is likely that this scanner will find false positives (i.e. files which do not contain malicious code). However, it is best to err\u003Cbr \u002F>\non the side of caution; if you are unsure then ask in the \u003Ca href=\"https:\u002F\u002Fwordpress.org\u002Fsupport\u002F\" rel=\"ugc\">Support Forums\u003C\u002Fa>,\u003Cbr \u002F>\ndownload a fresh copy of a plugin, search the Internet for similar situations, et cetera. You should be most concerned if the scanner is:\u003Cbr \u002F>\nmaking matches around unknown external links; finding base64 encoded text in modified core files or the \u003Ccode>wp-config.php\u003C\u002Fcode> file;\u003Cbr \u002F>\nlisting extra admin accounts; or finding content in posts which you did not put there.\u003C\u002Fp>\n\u003Cp>Understanding the three different result levels:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Cstrong>Severe:\u003C\u002Fstrong> results that are often strong indicators of a hack (though they are not definitive proof)\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Warning:\u003C\u002Fstrong> these results are more commonly found in innocent circumstances than Severe matches, but they should still be treated with caution\u003C\u002Fli>\n\u003Cli>\u003Cstrong>Note:\u003C\u002Fstrong> lowest priority, showing results that are very commonly used in legitimate code or notifications about events such as skipped files\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Ch3>Help! I think I have been hacked!\u003C\u002Fh3>\n\u003Cp>Follow the guides from the Codex:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fcodex.wordpress.org\u002FFAQ_My_site_was_hacked\" rel=\"nofollow ugc\">Codex: FAQ – My site was hacked\u003C\u002Fa>\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"https:\u002F\u002Fcodex.wordpress.org\u002FHardening_WordPress\" rel=\"nofollow ugc\">Codex: Hardening WordPress\u003C\u002Fa>\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>Ensure that you change \u003Cstrong>all\u003C\u002Fstrong> of your WordPress related passwords (site, FTP, MySQL, etc.). A regular backup routine\u003Cbr \u002F>\n(either manual or plugin powered) is extremely useful; if you ever find that your site has been hacked you can easily restore your site from\u003Cbr \u002F>\na clean backup and fresh set of files and, of course, use a new set of passwords.\u003C\u002Fp>\n\u003Ch3>Updates\u003C\u002Fh3>\n\u003Cp>Updates to the plugin will be posted here, to \u003Ca href=\"http:\u002F\u002Focaoimh.ie\u002F\" rel=\"nofollow ugc\">Holy Shmoly!\u003C\u002Fa> and the \u003Ca href=\"http:\u002F\u002Focaoimh.ie\u002Fexploit-scanner\u002F\" rel=\"nofollow ugc\">WordPress Exploit Scanner\u003C\u002Fa> page will always link to the newest version.\u003C\u002Fp>\n\u003Ch3>Other Languages\u003C\u002Fh3>\n\u003Cp>Unfortunately for people using WordPress versions for other locales some of the file hashes may be incorrect as some strings have to be hardcoded in their translated form. Here are some file hashes for WordPress in other languagues provided separately by other members of the community:\u003C\u002Fp>\n\u003Cul>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Fwpbiz.jp\u002Ffiles\u002Fexploit-scanner-hashes\u002Fja\u002F\" rel=\"nofollow ugc\">Japanese\u003C\u002Fa> – thanks to Naoko\u003C\u002Fli>\n\u003Cli>\u003Ca href=\"http:\u002F\u002Ftalkpress.de\u002Fartikel\u002Fexploit-scanner-hash-deutsch-wordpress\" rel=\"nofollow ugc\">German\u003C\u002Fa> – thanks to Robert Wetzlmayr\u003C\u002Fli>\n\u003C\u002Ful>\n\u003Cp>The hash files should only be declaring an array called $filehashes and the majority of the hashes should still be the same.\u003C\u002Fp>\n","Search the files and database of your WordPress install for signs that may indicate that it has fallen victim to malicious hackers.",1067302,64,"2017-11-28T06:49:00.000Z","4.7.32","3.3",[18,135,136,20,137],"hacking","scanner","spam","https:\u002F\u002Fwordpress.org\u002Fplugins\u002Fexploit-scanner\u002F","https:\u002F\u002Fdownloads.wordpress.org\u002Fplugin\u002Fexploit-scanner.1.5.2.zip",84,1,"2013-05-29 00:00:00",{"attackSurface":144,"codeSignals":170,"taintFlows":191,"riskAssessment":192,"analyzedAt":205},{"hooks":145,"ajaxHandlers":161,"restRoutes":167,"shortcodes":168,"cronEvents":169,"entryPointCount":141,"unprotectedCount":141},[146,152,156],{"type":147,"name":148,"callback":149,"file":150,"line":151},"action","admin_enqueue_scripts","Whook_LoadScripts","whook-security.php",36,{"type":147,"name":153,"callback":154,"file":150,"line":155},"wp_dashboard_setup","whook_secuity_dashboard",38,{"type":157,"name":158,"callback":159,"file":150,"line":160},"filter","admin_head","whook_jquery_plg_url",146,[162],{"action":163,"nopriv":164,"callback":165,"hasNonce":164,"hasCapCheck":164,"file":166,"line":11},"whook_plg_scan",false,"Whook_ScanPlugin","include-classes\\whook-class.php",[],[],[],{"dangerousFunctions":171,"sqlUsage":172,"outputEscaping":174,"fileOperations":30,"externalRequests":13,"nonceChecks":13,"capabilityChecks":13,"bundledLibraries":190},[],{"prepared":13,"raw":13,"locations":173},[],{"escaped":13,"rawEcho":175,"locations":176},7,[177,180,182,183,184,186,188],{"file":166,"line":178,"context":179},152,"raw output",{"file":150,"line":181,"context":179},54,{"file":150,"line":140,"context":179},{"file":150,"line":85,"context":179},{"file":150,"line":185,"context":179},99,{"file":150,"line":187,"context":179},131,{"file":150,"line":189,"context":179},141,[],[],{"summary":193,"deductions":194},"The whook-security plugin version 1.3 presents a concerning security posture due to significant gaps in its defense mechanisms, despite a clean vulnerability history. While the plugin avoids dangerous functions and uses prepared statements for SQL, its handling of output and entry points is critically weak.  A substantial portion of its code signals indicates a lack of proper output escaping, meaning that user-supplied data or dynamically generated content could be exposed to cross-site scripting (XSS) attacks. Furthermore, the presence of an unprotected AJAX handler without any authentication or capability checks represents a direct and severe entry point for attackers. The absence of taint analysis results might suggest a limited scope of analysis or a plugin with minimal data manipulation, but it doesn't negate the clear risks identified in other areas.\n\nThe vulnerability history being clean is a positive indicator, suggesting the developers may have a good track record or that the plugin hasn't been a target. However, this should not be relied upon as a sole security measure, especially given the identified weaknesses in the current version. The combination of unescaped output and an unprotected AJAX endpoint creates a fertile ground for potential exploits. The plugin needs immediate attention to address these critical security flaws to mitigate the risk of compromise.",[195,197,200,203],{"reason":196,"points":11},"Unprotected AJAX handler found",{"reason":198,"points":199},"Output escaping not properly implemented",8,{"reason":201,"points":202},"No nonce checks on AJAX handlers",5,{"reason":204,"points":202},"No capability checks on AJAX handlers","2026-03-17T01:11:26.476Z",{"wat":207,"direct":220},{"assetPaths":208,"generatorPatterns":213,"scriptPaths":214,"versionParams":215},[209,210,211,212],"\u002Fwp-content\u002Fplugins\u002Fwhook-security\u002Fcss\u002Ftooltipster.bundle.min.css","\u002Fwp-content\u002Fplugins\u002Fwhook-security\u002Fjs\u002Ftooltipster.bundle.min.js","\u002Fwp-content\u002Fplugins\u002Fwhook-security\u002Fjs\u002Fwhook-js.js","\u002Fwp-content\u002Fplugins\u002Fwhook-security\u002Fcss\u002Fwhook-style.css",[],[210,211],[216,217,218,219],"whook-security\u002Fcss\u002Ftooltipster.bundle.min.css?ver=","whook-security\u002Fjs\u002Ftooltipster.bundle.min.js?ver=","whook-security\u002Fjs\u002Fwhook-js.js?ver=","whook-security\u002Fcss\u002Fwhook-style.css?ver=",{"cssClasses":221,"htmlComments":228,"htmlAttributes":229,"restEndpoints":231,"jsGlobals":232,"shortcodeOutput":234},[222,223,224,225,226,227],"whook-security-area","green-area","msg-box","red-area","whook-tooltip","yellow-area",[],[230],"title",[],[233],"Whook_Plg_Url",[]]