Fixes the security overview table styling and avoids the feed rate limit on repeated scans.<\/p>"},"ratings":[],"assets_icons":{"icon-128x128.png":{"filename":"icon-128x128.png","revision":3572395,"resolution":"128x128","location":"assets","locale":"","width":128,"height":128},"icon-256x256.png":{"filename":"icon-256x256.png","revision":3572395,"resolution":"256x256","location":"assets","locale":"","width":256,"height":256}},"assets_banners":{"banner-1544x500.png":{"filename":"banner-1544x500.png","revision":3572401,"resolution":"1544x500","location":"assets","locale":"","width":1544,"height":500},"banner-772x250.png":{"filename":"banner-772x250.png","revision":3572401,"resolution":"772x250","location":"assets","locale":"","width":772,"height":250}},"assets_blueprints":{},"all_blocks":[],"tagged_versions":["1.0.9"],"block_files":[],"assets_screenshots":[],"screenshots":[]},"plugin_section":[],"plugin_tags":[31093,1184,6464,600,6460],"plugin_category":[54],"plugin_contributors":[267159],"plugin_business_model":[],"class_list":["post-320191","plugin","type-plugin","status-publish","hentry","plugin_tags-hardening","plugin_tags-malware","plugin_tags-scanner","plugin_tags-security","plugin_tags-vulnerability","plugin_category-security-and-spam-protection","plugin_contributors-trgomez","plugin_committers-trgomez"],"banners":{"banner":"https:\/\/ps.w.org\/pura-vida-vulnerability-scanner\/assets\/banner-772x250.png?rev=3572401","banner_2x":"https:\/\/ps.w.org\/pura-vida-vulnerability-scanner\/assets\/banner-1544x500.png?rev=3572401","banner_rtl":false,"banner_2x_rtl":false},"icons":{"svg":false,"icon":"https:\/\/ps.w.org\/pura-vida-vulnerability-scanner\/assets\/icon-128x128.png?rev=3572395","icon_2x":"https:\/\/ps.w.org\/pura-vida-vulnerability-scanner\/assets\/icon-256x256.png?rev=3572395","generated":false},"screenshots":[],"raw_content":"\n
Pura Vida Vulnerability Scanner checks everything installed on your site, including plugins, themes and WordPress core, against the Wordfence Intelligence<\/strong> vulnerability database, audits your site's security posture, and shows you exactly what is at risk and how to fix it.<\/p>\n\n It does not invent findings. It correlates your installed software and configuration against authoritative public sources (Wordfence Intelligence, CVE\/MITRE, the WordPress.org update channel) and live checks of your own server.<\/p>\n\n Security overview<\/strong><\/p>\n\n The dashboard opens with an at-a-glance status table covering:<\/p>\n\n What it does<\/strong><\/p>\n\n Data sources<\/strong><\/p>\n\n This product includes data that may be copyrighted by Defiant Inc. (Wordfence Intelligence) and by the MITRE Corporation (CVE\u00ae); their notices are displayed alongside the relevant findings.<\/p>\n\n Developed by Pura Vida Design Studio, Open Source Security & Website Tools (https:\/\/puravidadesignstudio.com\/).<\/p>\n\n This plugin connects to one external service to function: the Wordfence Intelligence Vulnerability Data Feed.<\/p>\n\n Wordfence Intelligence Vulnerability Data Feed (Defiant Inc.)<\/strong>\nThis plugin downloads the public WordPress vulnerability database from Wordfence in order to match it against the plugins, themes and core version installed on your site.<\/p>\n\n The plugin also performs read-only checks against your own site for the Security Overview: a loopback HTTP request to your own home URL (to inspect response headers and detect a CDN\/WAF) and DNS lookups for your own domain (to check DNS resolution and SPF\/DMARC records). These query your own domain and public DNS only; no data is sent to any third party.<\/p>\n\n\n No. The Wordfence Intelligence feed is free for personal and commercial use. You only need to generate a free API key.<\/p><\/dd>\n Your host may block loopback HTTP requests or disable PHP's DNS\/OpenSSL functions. Those checks are skipped safely while everything else still works.<\/p><\/dd>\n DKIM records live at a selector-specific hostname that varies per mail provider and can't be reliably guessed. Pura Vida Vulnerability Scanner checks SPF and DMARC, which are deterministic.<\/p><\/dd>\n It downloads the public vulnerability feed and matches it locally on your server. Your list of installed plugins is not transmitted.<\/p><\/dd>\n The feed is cached locally and refreshed on your chosen schedule (daily by default), so scans are fast and stay within the provider's rate limits.<\/p><\/dd>\n\n<\/dl>\n\n\n\n
\n
\n
External services<\/h3>\n\n
\n
\n
pura-vida-vulnerability-scanner<\/code> folder to \/wp-content\/plugins\/<\/code>, or install the ZIP via Plugins \u2192 Add New \u2192 Upload Plugin<\/strong>.<\/li>\n\n
Do I need a paid account anywhere?<\/h3><\/dt>\n
Why do some rows show N\/A?<\/h3><\/dt>\n
Why isn't DKIM checked automatically?<\/h3><\/dt>\n
Does the plugin send my site data anywhere?<\/h3><\/dt>\n
How often is the data updated?<\/h3><\/dt>\n
1.0.9<\/h4>\n\n
\n
1.0.8<\/h4>\n\n
\n
1.0.7<\/h4>\n\n
\n
1.0.6<\/h4>\n\n
\n
1.0.5<\/h4>\n\n
\n
1.0.4<\/h4>\n\n
\n
1.0.3<\/h4>\n\n
\n
1.0.2<\/h4>\n\n
\n
1.0.1<\/h4>\n\n
\n
1.0.0<\/h4>\n\n
\n