Facebook Tracking Pixel

Lead Developer Storm Rockwell Creates Vulnerable Plugin Checker

There’s no denying the importance of security in today’s digital environment. With the threat of hackers running rampant, websites and their information are constantly under the threat of attack. Websites are most commonly hacked through outdated WordPress core files or plugins. Our lead developer noticed this issue and created the “vulnerable plugin checker” to counteract this problem.

“Vulnerable Plugin Checker,” or “VPC” for short, automatically checks your installed WordPress plugins for known vulnerabilities by utilizing WPScan’s API and sends optional email alerts. This plugin gives your WordPress site and data an added level of security by detecting potentially vulnerable plugins and alerting you so you can handle them.


This plugin automatically checks installed plugins for known vulnerabilities utilizing WPScan’s API and provides optional email alerts when a plugin has been detected vulnerable.


  • Automatic vulnerability detection in plugins utilizing WPScan’s API
  • Optional email alerts
  • Utilizes WP-Cron to check for new security updates twice a day
  • Cached API results to decrease backend load time significantly

Vulnerable-Plugin-Checker Installation

  • Upload the folder “vulnerable-plugin-checker” to your WordPress Plugins Directory (typically “/wp-content/plugins/”)
  • Activate the plugin on your Plugins Page.
  • Done!

Enabling Email Updates

  • After activating, go to Tools > VPC Settings
  • Check off “Enable Email Alerts” and enter your email in “Alert Email Address”
  • Click “Save Changes”
Download on WordPress.org

Thinking about a website redesign? Let us know! We’d love to get started!


Stay in the Know

Join our mailing list to read up on industry insights, tips, news, and more!