WordPress.org

Plugin Reviews

Exploit Scanner

Search the files and database of your WordPress install for signs that may indicate that it has fallen victim to malicious hackers.

17 reviews
Average Rating
2.9 out of 5 stars
impossible to work with
By , for WP 4.2.2

Really too many false positives. So what I'm supposed to do now?

Error occurred during scan
By , for WP 4.1.1

No error message besides the 'Error occurred' message. This is clearly broken, at least for WP multisites.

Great Plugin
By ,

Must plugin for a WordPress web site. You can use it in combo with kali linux, and build a secure wall to your web site..

Really Works
By , for WP 4.1.1

After grabbing the latest hash tags from https://github.com/philipjohn/exploit-scanner-hashes, I was able to get this to scan my site. Awesome work!

doesn't work for me
By , for WP 4.0.1

I get the following message:

"hashes-4.0.1.php missing
The file containing hashes of all WordPress core files appears to be missing; modified core files will no longer be detected and a lot more suspicious strings will be detected"

Then it lists 553 problems which is far too much.

Anyone know how to get it working?

Need option for files/folder to scan
By , for WP 4.0

Works but tedious time to check few thousands of line!
Need option for files/folder to scan, can reduce thousands of lines to check, or at least filter to Severe Level matches

DidnĀ“t work
By ,

Kept not finishing search and giving error message. UNINSTALL!

"hashes-3.x.php missing"
By , for WP 3.8

Every time I update WordPress, Exploit Scanner loses its hashes file and marks everything as compromised. The fact that you have to manually generate a replacement hashes file - there is no way through the GUI - means that it is of limited use to anyone bar expert users. And even then, its not guaranteed to work.

The developers don't seem to be keeping up pace with WordPress core development - the Plugin page lists 3.5.2 as latest supported version, whereas 3.8 is most up to date WP version as of writing.

only shows exploits in security plugins
By , for WP 3.7.1

does not show much except lots of stuff from other security plugins.
useless.

An error occurred. Please try again later.
By , for WP 3.7.1

I haven't gotten it to work once yet. I've increased the memory it requires and set it to the Upper file size limit to 50k and number of files per batch to 100. It still times out or otherwise errors. Maybe it works, maybe it doesn't, but I'm not changing system-wide settings (that make my system more vulnerable) to get a scanner to work.

You must log in to submit a review. You can also log in or register using the form near the top of this page.