Vulnerability Alerts


This plugin scans your system on a daily basis to find vulnerabilities listed in the WPScan Vulnerability Database. It shows an icon on the Admin Toolbar with the total number of vulnerabilities found.

What does it do?

  • Scans the WordPress core, your themes and your plugins for vulnerabilities;
  • Shows an icon on the Admin Toolbar with the total number of vulnerabilities found;
  • Notifies you by mail when new vulnerabilities are found.


  • List of vulnerabilities and icon at Admin Bar.
  • Notification settings.


  1. Upload content to the /wp-content/plugins/ directory
  2. Activate the plugin through the ‘Plugins’ menu in WordPress


Good plugin, but not ideal on WordPress multisite

The plugin is very useful to see which plugins have known vulnerabilities.

On WordPress multisite, however, it displays this information in the site admin backend of the main site instead of the network admin backend. That makes it a bit inconvenient, because network admins have to go to the site admin backend of the main site to see the list of vulnerabilities in their network.

Very useful plugin

After realizing I had some plugins installed with published vulnerabilities I went looking for a plugin to notify me of this.
Vulnerability Alerts does this task very effectively.

Read all 8 reviews

Contributors & Developers

“Vulnerability Alerts” is open source software. The following people have contributed to this plugin.


Translate “Vulnerability Alerts” into your language.

Interested in development?

Browse the code, check out the SVN repository, or subscribe to the development log by RSS.



  • [Added] Some UI improvements
  • [Fixed] Check Now button now runs the scheduled task to avoid timeout error


  • [Added] Support to send to multiple e-mails


  • [Fixed] Prevent cron jobs duplication.
  • [Fixed] PHP warning when checking for vulnerabilities.


  • [Added] Send every month.


  • [Fixed] Admin icon shows ignored vulnerabilities.


  • [Added] Language files.


  • [Added] Option to select the day of the week to receive notifications.
  • [Added] Option to disable notifications for a vulnerability that you consider fixed.


  • [Added] Uninstall script.
  • [Bug] List shows “not fixed” vulnerabilities. Thanks to @eusebiuoprinoiu.


  • [Added] Option to be notified by mail.
  • [Updated] Check Now button now prevents reload page to recheck.


  • First release.