wp-scan.org : wp-scan.org Forums

wp-scan.org - Free WordPress malware scanner — results in 10 seconds

Scan any WordPress theme or plugin ZIP for malware, SQL injection, XSS & 40+ vulnerabilities — in 10 seconds. No install. No WordPress plugin. No account needed. Built after 6 hours hunting a base64 backdoor in a client's plugin. There had to be a faster way. ✅ Free: 2 scans/month, 40+ patterns, 20MB ZIP ⭐ Premium: Exact line numbers, fix guides, unlimited scans 1 in 25 WordPress sites is actively infected. Now you'll know in 10 seconds.

Hey Product Hunt! 👋 I'm Rajan, the maker of wp-scan.org. A few months ago a client called me at midnight — their WooCommerce store had been flagged by Google as dangerous. Traffic dropped 80% overnight. I spent 6 hours manually grepping through 3,000 PHP files to find the infection: a base64_decode(eval()) shell hidden inside an old payment plugin for 14 months. I built wp-scan.org that weekend. **How it works:** → Upload your WordPress theme or plugin as a ZIP → We scan every PHP, JS, and HTML file against 40+ malware signatures → You get a severity-ranked report in under 10 seconds **What it finds:** • Backdoors & remote code execution shells • SQL injection vulnerabilities • Cross-site scripting (XSS) • Obfuscated malware (eval/base64 chains) • Hardcoded credentials • Remote file inclusion **Free tier is real** — 2 scans/month, no credit card, no account required. I'd love to hear what you think. Drop a comment or email me at support@wp-scan.org — I read everything. Try it free → https://wp-scan.org 🛡️

wp-scan.org - Free WordPress malware scanner — results in 10 seconds

Replies