WPVulnerability
Get WordPress vulnerability alerts from the WPVulnerability Database API.
5(20 reviews)
·10K+ active installs·Updated 2 months agoAs of April 2026, WPVulnerability is a WordPress security plugin with 10K+ active installations and a 5/5 rating from 20 reviews. It has been downloaded 534K+ times in total. Requires WordPress 4.7+ and PHP 5.6+. Available on WordPress.org since 2022. Recently updated within the last 3 months. Downloads are down 9% this week. Support resolution rate: 0%. Top alternative: Wordfence Security – Firewall, Malware….
5/520 reviews
10K+active installs
0%resolved
4 yearssince 2022
Overview
This plugin integrates with the WPVulnerability API to provide real-time vulnerability assessments for your WordPress core, plugins, themes, PHP version, Apache HTTPD, nginx, MariaDB, MySQL, ImageMagick, curl, memcached, Redis, and SQLite.
It delivers detailed reports directly within your WordPress dashboard, helping you stay aware of potential security risks. Configure the plugin to send periodic notifications about your site’s security status, ensuring you remain informed without being overwhelmed. Designed for ease of use, it supports proactive security measures without storing or retrieving any personal data from your site.
Data reliability
The information provided by the information database comes from different sources that have been reviewed by third parties. There is no liab…
Screenshots
Ratings & Reviews
520 reviews
5 ★
20
4 ★
0
3 ★
0
2 ★
0
1 ★
0
Recent Reviews
Wow, most useful wordpress plugin for security!
by Bubalubs·1 year ago·1 reply
It is a must have install on every WP project for security and maintaince! 🙂
Backed up by a open API that shares vulnerabilities.
Thank you! 😊
Essential plugin
by Dan Bamber·1 year ago·1 reply
Without a doubt, the most important plugin to install on your WordPress instance.
Mi herramienta principal de diagnóstico
by Lolo Marchal·1 year ago
Resume en un solo plugin todas las vulnerabilidades tu WordPress, Plugins y Themes. Para mi es un “musthave” desde hace más de 1 año. Lo instalo en todas mis auditorías.
This is awesome
by pixluser·1 year ago
Vulnerabilities are listed into your plugins list.
You should also being able to receive an automatic email too.
It doesn’t work on my system, but email test yes.
So awesome plugin anyway!
Perfect
by Groovyx9·1 year ago·1 reply
Exactly what I was looking for ! On the roadmap, it would be nice if :
- we can chose if we want to receive an email OR not (I may use it as a vuln reminder on the dashboard, as I have other plugins already keeping me informed)
- we can chose what will be in the email – php or not for exemple (it seems that it is planned, thanks)
- only receive an email if one the vuln is considered high risk
- etc.
Download Trends
Today: 375Yesterday: 399This week: 3KPeriod total: 264K
Compatibility
| WordPress | 4.7+ requiredTested up to 6.9.4 |
| PHP | 5.6+ required |
Version Adoption
v4.3
74.5%
Other
9.9%
v4.2
8.2%
v4.0
7.3%
Top Alternatives to WPVulnerability
Frequently Asked Questions
Changelog
[4.3.1] – 2026-01-20
Fixed
- Dashboard widget now correctly counts only vulnerabilities from enabled components, excluding disabled ones from settings.
- Status badge calculation (Critical/Warning) now properly considers only enabled components when determining severity level.
- Fixed PHPCS warnings for global variables without plugin prefix in wpvulnerability-admin.php and wpvulnerability-adminms.php.
Compatibility
- WordPress: 4.7 – 6.9
- PHP: 5.6 – 8.5
…and 4 more changes
Contributors
Plugin data sourced from WordPress.org. Analysis and metrics by PluginSift.