LSE toolsLSE toolsWPScan (111)WPScan (111)

Tool and Usage

Project details
Programming languageRuby
AuthorRyan Dewhurst
Latest release2.9.4 []

Project health

This score is calculated by different factors, like project age, last release date, etc.

Why this tool?

WPScan can scan WordPress installations and determine if there are vulnerabilities in a particular installation.

Background information

While the code is available and the tool can be freely used, there are limitations when using this software commercially. The tool does not have to be installed, as it can also be used as part of a Docker image.

Usage and audience

WPScan is commonly used for penetration testing, security assessment, or vulnerability scanning. Target users for this tool are pentesters, security professionals, and system administrators.

Tool review and remarks

The review and analysis of this project resulted in the following remarks for this security tool:


  • + More than 25 contributors
  • + More than 2000 GitHub stars
  • + The source code of this software is available


  • - Software usage is restricted (e.g. commercially)

Author and Maintainers

WPScan is under development by Ryan Dewhurst. This project is currently maintained by Christian Mehlmauer, Erwan LR, Peter van der Laan.



Supported operating systems

WPScan is known to work on Linux.

WPScan alternatives

Similar tools to WPScan:



WPSeku is a WordPress vulnerability scanner that can be used to scan remote WordPress installations.


WordPress Exploit Framework

The WordPress Exploit Framework (WPXF) is a framework written in Ruby. As the name implies, it aids in pentesting WordPress installations.



Vane is a forked project of the now non-free popular WordPress vulnerability scanner WPScan.

All WPScan alternatives

This tool page was updated at . Found an improvement? Help the community by submitting an update.

Related tool information

Compare WPScan with other tools


This tool is categorized as a WordPress fingerprinting tool and WordPress security tool.