Free WordPress Vulnerability Scanner
Instantly detect known CVEs, vulnerable themes, and exposed ports with high-speed automated checks. View scan results directly in your WordPress dashboard, with in-depth technical details managed in Catcher24.
The free target is available exclusively for new Catcher24 accounts.
Trusted by companies and organizations from various sectors: Catcher24 offers practical insights that are directly applicable.
What is the Catcher24 WordPress plugin?
WordPress is the most popular CMS in the world, making it a prime target for automated botnets and exploits. Traditional security plugins often bloat your server and slow down your site by running heavy local scans and firewall rules.
The Catcher24 plugin connects your site to our cloud-native, outside-in scanning engines. We safely assess your WordPress installation from an attacker's perspective without impacting your site's performance or consuming local CPU resources.
You get one free WordPress target scan upon installation. View immediate threat alerts directly in your wp-admin dashboard, and seamlessly access the central Catcher24 SaaS platform for deep remediation context and historical tracking.
What is included in our WordPress scanner?
Comprehensive threat detection built specifically for the WP ecosystem, delivered seamlessly to your admin panel.
Free target assessment
Install the plugin from the official WordPress marketplace to unlock one free, continuous scanning target. No credit card required.
Plugin & theme audits
We continuously check your active and inactive plugins against the latest CVE databases to identify known vulnerabilities before they are exploited.
Minimal-Impact Auditing
Black-box scanning is performed entirely on Catcher24’s infrastructure, ensuring minimal performance impact on your WordPress host.
Core misconfigurations
Detect exposed wp-config.php backups, open directory listings, and outdated WordPress core versions that attackers use as entry points.
Secure WordPress For Free
Catch known CVEs before they are exploited. Install our plugin to run automated vulnerability checks on your themes, plugins, and core directly from your admin panel.
Free for new sign-ups · No credit card · Setup in minutes
How our WordPress scanner works
Get started in minutes. Connect your site, run automated checks, and receive actionable alerts before vulnerabilities escalate.
Install the plugin directly from the WordPress marketplace.
Click the start scan button for your WordPress site
Our external engines safely map your WP environment and scan for known CVEs.
View high-level alerts in WP and get detailed patch guidance in the Catcher24 dashboard.
100% Agentless scanning
Zero impact on your website load times
Actionable CVE patch context provided
Frequently Asked Questions
The free tier performs an on-demand security scan of your WordPress environment. It automatically checks your WordPress core, installed plugins, and active themes against the latest databases for known CVEs (Common Vulnerabilities and Exposures). Additionally, it runs a port scan to detect any exposed services on your hosting infrastructure.
Yes, the plugin provides one free target. This offer is available exclusively for new users who create a Catcher24 account directly through the WordPress plugin setup. No credit card is required to install the plugin and run your first scan.
The free wordpress tier is an introductory offer designed strictly for new sign-ups. If you are an existing Catcher24 customer or currently on a 10-day trial, you cannot add a free target via the plugin. Instead, you can easily add WordPress web application targets to your active subscription directly from the main Catcher24 dashboard.
A clear summary of your scan results—including exposed ports, outdated themes, and vulnerable plugins—is displayed directly inside your WordPress admin dashboard for quick visibility. For in-depth technical reports, logs, and advanced remediation details, you can log into your central Catcher24 dashboard.
The free WordPress plugin tier allows you to run fast, on-demand vulnerability scans whenever you need them. If you want to fully automate your security posture, you can upgrade your account to Premium. The Premium tier unlocks automated scan scheduling, SSL certificate validation, and detailed DNS mapping.
Secure WordPress For Free
Catch known CVEs before they are exploited. Install our plugin to run automated vulnerability checks on your themes, plugins, and core directly from your admin panel.
Free for new sign-ups · No credit card · Setup in minutes