{"id":296440,"date":"2026-04-14T06:27:30","date_gmt":"2026-04-14T06:27:30","guid":{"rendered":"https:\/\/wordpress.org\/plugins\/ai-patchwatch\/"},"modified":"2026-04-14T06:30:49","modified_gmt":"2026-04-14T06:30:49","slug":"aipatch-security-scanner","status":"publish","type":"plugin","link":"https:\/\/wordpress.org\/plugins\/aipatch-security-scanner\/","author":23219905,"comment_status":"closed","ping_status":"closed","template":"","meta":{"version":"1.0.2","stable_tag":"1.0.2","tested":"6.9.4","requires":"6.5","requires_php":"7.4","requires_plugins":null,"header_name":"Aipatch Security Scanner","header_author":"Aipatch Security Scanner","header_description":"Lightweight security scanner for WordPress. Checks for outdated software, risky configurations, and applies safe hardening measures.","assets_banners_color":"","last_updated":"2026-04-14 06:30:49","external_support_url":"","external_repository_url":"","donate_link":"","header_plugin_uri":"https:\/\/github.com\/estebanstifli\/aipatch","header_author_uri":"https:\/\/github.com\/estebanstifli","rating":0,"author_block_rating":0,"active_installs":0,"downloads":37,"num_ratings":0,"support_threads":0,"support_threads_resolved":0,"author_block_count":0,"sections":["description","installation","faq","changelog"],"tags":{"1.0.2":{"tag":"1.0.2","author":"estebandezafra","date":"2026-04-14 06:30:49"}},"upgrade_notice":{"1.0.1":"<p>Maintenance release for WordPress.org submission updates.<\/p>","1.0.0":"<p>Initial release of Aipatch Security Scanner.<\/p>"},"ratings":[],"assets_icons":[],"assets_banners":[],"assets_blueprints":{},"all_blocks":[],"tagged_versions":["1.0.2"],"block_files":[],"assets_screenshots":[],"screenshots":{"1":"Security Dashboard with score and summary cards.","2":"Known vulnerabilities table.","3":"Hardening toggles with explanations.","4":"Security logs with severity filtering.","5":"Settings page with module control."},"jetpack_post_was_ever_published":false},"plugin_section":[],"plugin_tags":[8533,31093,6464,600,41325],"plugin_category":[54],"plugin_contributors":[238115],"plugin_business_model":[],"class_list":["post-296440","plugin","type-plugin","status-publish","hentry","plugin_tags-audit","plugin_tags-hardening","plugin_tags-scanner","plugin_tags-security","plugin_tags-vulnerabilities","plugin_category-security-and-spam-protection","plugin_contributors-estebandezafra","plugin_committers-estebandezafra"],"banners":[],"icons":{"svg":false,"icon":"https:\/\/s.w.org\/plugins\/geopattern-icon\/aipatch-security-scanner.svg","icon_2x":false,"generated":true},"screenshots":[],"raw_content":"<!--section=description-->\n<p><strong>Aipatch Security Scanner<\/strong> is a lightweight security scanner that helps you understand and improve your site's security posture.<\/p>\n\n<p>Unlike heavy security suites, Aipatch Security Scanner focuses on <strong>clarity over complexity<\/strong>:<\/p>\n\n<ul>\n<li><strong>Security Score:<\/strong> A simple 0\u2013100 score that summarizes your site's security status at a glance.<\/li>\n<li><strong>Local Scanner:<\/strong> Detects outdated plugins, themes, core versions, risky configurations, and common security weaknesses \u2014 all locally, with no external dependencies.<\/li>\n<li><strong>Known Vulnerabilities:<\/strong> Checks your installed software against a built-in knowledge base of known vulnerabilities. Future versions will support external vulnerability feeds for broader coverage.<\/li>\n<li><strong>Safe Hardening:<\/strong> Toggle security improvements like XML-RPC blocking, REST API restrictions, WordPress version hiding, and login brute-force protection \u2014 each with clear explanations and compatibility warnings.<\/li>\n<li><strong>Security Logs:<\/strong> A clean log of all security events, scans, and changes made through the plugin.<\/li>\n<li><strong>Site Health Integration:<\/strong> Adds custom security tests to the WordPress Site Health screen.<\/li>\n<li><strong>Scan History:<\/strong> Every scan is saved so you can track your security score over time.<\/li>\n<li><strong>Module Control:<\/strong> Enable or disable individual modules (scanner, hardening, vulnerabilities, login protection) from settings.<\/li>\n<\/ul>\n\n<h4>Philosophy<\/h4>\n\n<p>Aipatch Security Scanner is designed to give site owners <strong>clear, actionable information<\/strong> without being overwhelmed by technical jargon or upsell pressure. Every finding includes what it means, why it matters, and what to do \u2014 in plain language.<\/p>\n\n<h4>What Aipatch Security Scanner Does<\/h4>\n\n<ul>\n<li>Runs 12 local security checks against your installation<\/li>\n<li>Calculates a risk score based on findings<\/li>\n<li>Compares installed plugins, themes, and core against known vulnerabilities<\/li>\n<li>Applies optional hardening rules via WordPress filters (no file modifications)<\/li>\n<li>Logs all security events to a dedicated database table<\/li>\n<li>Integrates with WordPress Site Health<\/li>\n<\/ul>\n\n<h4>What Aipatch Security Scanner Does NOT Do<\/h4>\n\n<ul>\n<li>It is NOT a firewall or WAF.<\/li>\n<li>It does NOT scan files for malware.<\/li>\n<li>It does NOT modify your .htaccess or wp-config.php automatically.<\/li>\n<li>It does NOT phone home or require an account to function.<\/li>\n<li>It does NOT intercept frontend requests or affect page load performance.<\/li>\n<\/ul>\n\n<h4>Future Roadmap<\/h4>\n\n<ul>\n<li>External vulnerability feed integration (API-based)<\/li>\n<li>File integrity monitoring<\/li>\n<li>Email alerts for critical findings<\/li>\n<li>Extended multisite support<\/li>\n<\/ul>\n\n<!--section=installation-->\n<ol>\n<li>Upload the <code>aipatch-security-scanner<\/code> folder to <code>\/wp-content\/plugins\/<\/code>.<\/li>\n<li>Activate the plugin through the 'Plugins' menu in WordPress.<\/li>\n<li>Navigate to <strong>Aipatch Security Scanner \u2192 Dashboard<\/strong> to run your first scan.<\/li>\n<\/ol>\n\n<!--section=faq-->\n<dl>\n<dt id=\"does%20this%20plugin%20slow%20down%20my%20site%3F\"><h3>Does this plugin slow down my site?<\/h3><\/dt>\n<dd><p>No. Aipatch Security Scanner runs scans on demand or via WP-Cron. It does not add anything to your frontend and does not intercept requests on every page load.<\/p><\/dd>\n<dt id=\"does%20it%20require%20an%20external%20api%20or%20account%3F\"><h3>Does it require an external API or account?<\/h3><\/dt>\n<dd><p>No. The current version works entirely locally. Future versions will offer optional external vulnerability feeds.<\/p><\/dd>\n<dt id=\"will%20it%20break%20my%20site%3F\"><h3>Will it break my site?<\/h3><\/dt>\n<dd><p>Aipatch Security Scanner is designed to be safe. Hardening options are toggled individually and include compatibility warnings. No system files are modified automatically.<\/p><\/dd>\n<dt id=\"is%20it%20compatible%20with%20other%20security%20plugins%3F\"><h3>Is it compatible with other security plugins?<\/h3><\/dt>\n<dd><p>Yes. Aipatch Security Scanner focuses on scanning and reporting, not request filtering. It can coexist with firewall plugins like Wordfence or Sucuri.<\/p><\/dd>\n<dt id=\"what%20data%20does%20it%20store%3F\"><h3>What data does it store?<\/h3><\/dt>\n<dd><p>Scan results, settings, hardening preferences, scan history, and security logs in your WordPress database. No data is sent externally.<\/p><\/dd>\n<dt id=\"how%20accurate%20is%20the%20vulnerability%20database%3F\"><h3>How accurate is the vulnerability database?<\/h3><\/dt>\n<dd><p>The built-in database covers a curated set of known vulnerabilities for popular plugins, themes, and WordPress core. It is updated with each plugin release. For broader, real-time coverage, external vulnerability feeds will be supported in future versions.<\/p><\/dd>\n\n<\/dl>\n\n<!--section=changelog-->\n<h4>1.0.1<\/h4>\n\n<ul>\n<li>Updated version metadata and packaging adjustments for WordPress.org review.<\/li>\n<\/ul>\n\n<h4>1.0.0<\/h4>\n\n<ul>\n<li>Initial release.<\/li>\n<li>Security dashboard with risk score (0\u2013100).<\/li>\n<li>Local security scanner with 12 checks (core, plugins, themes, users, configuration, server).<\/li>\n<li>Normalized findings with evidence, source, and fingerprint.<\/li>\n<li>Scan history table for tracking score over time.<\/li>\n<li>Hardening module (XML-RPC, REST API, WordPress version, login brute-force protection).<\/li>\n<li>Built-in known vulnerability database with provider architecture.<\/li>\n<li>Module toggle control from settings.<\/li>\n<li>Security event logging with retention management.<\/li>\n<li>WordPress Site Health integration (6 tests).<\/li>\n<li>Internal REST API for plugin operations.<\/li>\n<li>Automatic scans via WP-Cron.<\/li>\n<\/ul>","raw_excerpt":"Lightweight security scanner for WordPress. Checks for outdated software, risky configurations, and applies safe hardening measures.","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin\/296440","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin"}],"about":[{"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wp\/v2\/types\/plugin"}],"replies":[{"embeddable":true,"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wp\/v2\/comments?post=296440"}],"author":[{"embeddable":true,"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wporg\/v1\/users\/estebandezafra"}],"wp:attachment":[{"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wp\/v2\/media?parent=296440"}],"wp:term":[{"taxonomy":"plugin_section","embeddable":true,"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_section?post=296440"},{"taxonomy":"plugin_tags","embeddable":true,"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_tags?post=296440"},{"taxonomy":"plugin_category","embeddable":true,"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_category?post=296440"},{"taxonomy":"plugin_contributors","embeddable":true,"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_contributors?post=296440"},{"taxonomy":"plugin_business_model","embeddable":true,"href":"https:\/\/wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_business_model?post=296440"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}