WordPress Guardian
Built for WordPress, hardened by design

Spot WordPress vulnerabilities before attackers do.

WordPress Guardian scans your sites — especially after new plugin installs — for outdated components, exposed endpoints, missing security headers, and weak configurations.

Plugin & theme audits
Detect outdated and vulnerable extensions.
Security headers
HSTS, CSP, X-Frame-Options and more.
Exposed endpoints
xmlrpc, wp-json users, debug logs, backups.
Core fingerprinting
Catches outdated WordPress versions.