Plugin Name

WordPress Security Audit

Description

The WordPress Security Audit plugin scans your WordPress installation for over **150+ security checks** to help identify potential vulnerabilities and misconfigurations. Each test includes recommended fixes, giving administrators a comprehensive overview of how to harden their WordPress installation.

Author

Randal C. Burger Jr (2025)

List of Checks

The following security checks are performed:

* wp-config.php Writable
* File Editing Allowed
* index.php in Root Present
* Version Exposed in Meta Tags
* Default “admin” Username Exists
* Inactive Plugins Present
* Outdated WordPress Core
* XML-RPC Enabled (2 types)
* Default Login URL Used
* REST API Not Restricted
* .htaccess Writable
* wp-content Directory Listing Risk
* Weak Passwords Check
* Uploads Folder Index File Missing
* No SQL Injection Protection Plugin
* Suspicious GET Parameters
* Elevated Default User Role
* Backup Files in Web Root
* Loose wp-content Permissions
* Default DB Table Prefix
* .git Directory Present
* Uploads Folder World-Writable
* Login Attempts Not Limited
* Outdated jQuery Detected
* SSL Not Enabled for Admin
* Core Auto-Updates Disabled
* Admin Area Not Using HTTPS
* and Many More when you purchase our plugin today!