I just posted it to the howto section, but I guess here would be a better fit. I am reposting...
Anyway, I just developed an application to test a WordPress installation, looking for possible security issues. It works remotely, so you don't need to install anything on your box. I would love to hear some feedback from real WordPress users: false positives, wrong information, etc. The tool is free (of course) and available at:
If it finds anything, we also have a document with guidelines on how to fix some of those:
*If this is not the right place, please redirect it accordingly (or just curse me :)).