Facebook Tracking Pixel

Lead Developer Storm Rockwell Creates Vulnerable Plugin Checker

There’s no denying the importance of security in today’s day and age. With hackers running rampant, websites are constantly under the threat of attack. Websites are most commonly hacked through outdated WordPress core files or plugins. Our lead developer noticed this and made “vulnerable plugin checker” to counteract this problem.

“Vulnerable Plugin Checker,” or “VPC” for short, automatically checks your installed plugins for known vulnerabilities utilizing WPScan’s API and sends optional email alerts. This plugin gives your WordPress site an added level of security by detecting potentially vulnerable plugins and alerting you so you can handle it.


This plugin automatically checks installed plugins for known vulnerabilities utilizing WPScan’s API and provides optional email alerts when a plugin has been detected vulnerable.


  • Automatic vulnerability detection in plugins utilizing WPScan’s API
  • Optional email alerts
  • Utilizes WP Cron to check for new security updates twice a day
  • Cached API results to decrease backend load time significantly


  • Upload the folder “vulnerable-plugin-checker” to your WordPress Plugins Directory (typically “/wp-content/plugins/”)
  • Activate the plugin on your Plugins Page.
  • Done!

Enabling Email Updates

  • After activating “Vulnerable Plugin Checker”, go to Tools > VPC Settings
  • Check off “Enable Email Alerts” and enter your email in “Alert Email Address”
  • Click “Save Changes”
Download on WordPress.org

Stay in the Know

Join our mailing list to read up on industry insights, tips, news, and more!