WP Malware Removal


Scans your WordPress files for malware, infections, security-threats, viruses, trojans, backdoors, malicious redirects, code injections and other vunerabilities. It’s the most precise malware scanner yet light-weight, simple and easy-to-use. You can inspect suspicious / flagged files.

  • Checks integrity of the WordPress core files and plugins.
  • Checks for viruses and infections using regularly updated malware signatures.
  • Supports auto-update of malware signatures.
  • Supports connecting to Google™ Search Console to fetch any warnings or notices issued by Google™

If your site is infected, here’s the steps to take.

Please create a support thread in WordPress Support Forums in case you find any issues. We want to make this better and help out everyone.

WP Malware Removal is sophisticated and extremely powerful yet does not require any third-party integration, does not send your files / data to external services etc. to work. It’s simple and does the job.

WP Malware Removal Scanner Features You’ll Love:

  • Ultra-high-precision results.
  • Auto-sync with WordPress Checksum API.
  • Verifies WordPress files integrity using checksums from WordPress Checksum API.
  • No need for third-party scanning.
  • Links to external tools for additional site diagnostics.
  • Checks for viruses and infections using malware definitions.
  • Hourly update of malware signatures.
  • Connects to definition update server to fetch latest definitions.

Extremely Lightweight

Works out of the box

Simple to configure

No third-party service required

No Malware – No Google Penalties. Give your SEO a solid boost.

NOTICE: This plugin make call to wp-malware-removal.com to check for updates to do download the latest malware signatures (pretty much like what WordPress does when checking your plugins and themes for new versions. Staying up-to-date is a security best-practice. WP Malware Removal can will inform you when there are new plugin and definition update available. If you’re allergic to “phone home” scripts then don’t use this plugin (or WordPress at all for that matter).


  • screenshot-1.png
  • screenshot-2.png
  • screenshot-3.png
  • screenshot-4.png
  • screenshot-5.png
  • screenshot-6.png
  • screenshot-7.png


Upload the plugin to your blog. Activate it. Currently there are no settings. Create a support thread in case of any issues.


Ask away.


Very very good plugin

Excellent plugin, fool proof scan. I've had issues with others when the scan breaks midway, but not this. I can even inspect the rogue files it flags.
Read all 2 reviews

Contributors & Developers

“WP Malware Removal” is open source software. The following people have contributed to this plugin.


Translate “WP Malware Removal” into your language.

Interested in development?

Browse the code, check out the SVN repository, or subscribe to the development log by RSS.



  • Implemented GOD mode: Advanced options when you know what you are doing.
  • CSS fixes: Several CSS fixes.


  • Fixed the sidebar support box
  • Implemented external tools page


  • Fixed minor bug with definition updates
  • UX / UI Improvements
  • Improved screenshots


  • New branch with major feature improvement.
  • Inspect files


  • New: Implemented plugin integrity check. Theme integrity coming soon.
  • Fixed: Sometimes infections are not reported
  • Fixed: More thorough matching, error control, logging


  • Optimized signature updation
  • Ability to connect to Google Search Console to detect security notices
  • Code refactoring
  • Implemented verbose upgrade notice


  • UX improvements
  • Optimized for minimal server load due to too many definition update requests


  • Updated progress tracking to report real-time scan-stats.


  • Optimized memory usage
  • Fixed bug: newer definitions would not update due to caching
  • UI improvements
  • Updated UI progress status
  • Implemented definition update status


  • Updated tools page
  • Updated UIIncluded Support Options


  • Implemented definition updates
  • More statistics


  • UI Fixes
  • Minor Bugfixes


  • Fixed timing issues
  • Skip /wp-content/ files by default


  • Initial release