Title: Plugin Security Scanner
Author: Glen Scott
Published: <strong>13 Nisan 2015</strong>
Last modified: 19 Ağustos 2019

---

Eklentilerde ara

Bu eklenti, **WordPress’in son 3 ana dağıtımı ile test edilmemiş**. Artık bakımı
yapılmıyor veya desteklenmiyor olabilir ve WordPress’in daha güncel sürümleriyle
birlikte kullanıldığında uyumluluk sorunları olabilir.

![](https://ps.w.org/plugin-security-scanner/assets/icon-256x256.png?rev=1133757)

# Plugin Security Scanner

 [Glen Scott](https://profiles.wordpress.org/glen_scott/) tarafından

[İndir](https://downloads.wordpress.org/plugin/plugin-security-scanner.2.0.2.zip)

 * [Detaylar](https://tr.wordpress.org/plugins/plugin-security-scanner/#description)
 * [İncelemeler](https://tr.wordpress.org/plugins/plugin-security-scanner/#reviews)
 * [Geliştirme](https://tr.wordpress.org/plugins/plugin-security-scanner/#developers)

 [Destek](https://wordpress.org/support/plugin/plugin-security-scanner/)

## Açıklama

This plugin determines whether any of your plugins or themes have security vulnerabilities.
It does this by looking up details in the WPScan Vulnerability Database.

It will run a scan once a day, and e-mail the administrator if any vulnerable plugins
or themes are found.

_Please note:_ As from version 2.0.0, you will need to [register on the WPScan Vulnerability Database](https://wpvulndb.com/users/sign_up)
site in order to get an API token. This token is required before any security scans
can be performed. Once you have your token, it can be added to the Plugin Security
Scanner settings page.

You can also register a webhook for notifications. The webhook will trigger daily,
even if no vulnerabilities found. The webhook is a post request, with JSON payload
containing the vulnerabilities.

You can enable the webhook under Settings\General tab – see the Plugin Security 
Scanner settings.

It also adds a new menu option to the admin tools menu called “Plugin Security Scanner”.
Clicking this runs a scan. If the scan finds any problems, it shows you a list of
plugins or themes that have vulnerabilities, along with a description of the issue.

The WPScan Vulnerability Database API, which this plugin uses, is free for non-commercial
use. However, any commercial usage will require that you purchase a commercial license
from WPScan. If you are using the API for your own site then you will not need a
commercial license. However, if you are a hosting company and install the plugin
systematically across all of your clients sites, then you will need to purchase 
a commercial license. If you are making heavy use of the API, it is likely that 
you will need to purchase a commercial license. To enquire about a commercial license,
please contact team@wpvulndb.com

Icons made by [Alessio Atzeni](http://www.flaticon.com/authors/alessio-atzeni) from
[www.flaticon.com](http://www.flaticon.com) is licensed by [CC BY 3.0](http://creativecommons.org/licenses/by/3.0/)

## Ekran Görüntüleri

 * [[
 * Example run of the security scanner that has found two vulnerable plugins.
 * [[
 * E-mail alert to administrator when vulnerable plugins have been found.

## İncelemeler

![](https://secure.gravatar.com/avatar/7c50ba4af2e2c4a5374c41982b29ac76bac406970a53cf4892db4d1d57f9b1f6?
s=60&d=retro&r=g)

### 󠀁[Great plugin!](https://wordpress.org/support/topic/great-plugin-9160/)󠁿

 [Julie](https://profiles.wordpress.org/habannah/) 3 Eylül 2016

Peace of mind! Excellent support from the plugin author Proactive maintenance of
the WPScan Vulnerability Database

![](https://secure.gravatar.com/avatar/02ce3fbd1d03b09d4cbe862e253c16dbf9dc0214d84118304aae30083e22bb68?
s=60&d=retro&r=g)

### 󠀁[Fonctionne bien, mais ses messages manque de détails](https://wordpress.org/support/topic/fonctionne-bien-mais-ses-messages-manque-de-details/)󠁿

 [Sabine](https://profiles.wordpress.org/lisettemag/) 3 Eylül 2016 1 yanıt

Fonctionne très bien, mais j’abuse en espérant une petite amélioration essentielle…
Quand j’ai installé le plugin Zopim Live Chat la semaine dernière, il m’a adressé
dans les 24h un message : —— Vulnerability found: zopim-live-chat <= 1.2.5 – XSS
in ZeroClipboard Scan completed: 1 vulnerability found. —– Un peu court pour savoir
ce qu’il en retourne vraiment, mais le boulot de base est fait. Je suis alertée 
et le support de Zopim aussi. Maintenant, reste à trouver la faille… Plus de détails
seraient le bienvenu surtout quand on doit transmettre à un support.

![](https://secure.gravatar.com/avatar/f94cb8e7107d3093e864f4c0fdc33500e2a418c157d28788d47736f2cb2e37b5?
s=60&d=retro&r=g)

### 󠀁[Could also check WP version](https://wordpress.org/support/topic/could-also-check-wp-version/)󠁿

 [Edir Pedro](https://profiles.wordpress.org/edir/) 3 Eylül 2016

Slow to check because the API service works only one plugin at a time, but good 
enough. Could show the vulnerabilities found direct on Plugins page.

 [ 7 incelemeyi oku ](https://wordpress.org/support/plugin/plugin-security-scanner/reviews/)

## Katkıda Bulunanlar ve Geliştiriciler

“Plugin Security Scanner” açık kaynaklı yazılımdır. Aşağıdaki kişiler bu eklentiye
katkıda bulunmuşlardır.

Katkıda bulunanlar

 *   [ Glen Scott ](https://profiles.wordpress.org/glen_scott/)

[“Plugin Security Scanner” eklentisini dilinize çevirin.](https://translate.wordpress.org/projects/wp-plugins/plugin-security-scanner)

### Geliştirmeyle ilgilenir misiniz?

[Kodu görüntüleyin](https://plugins.trac.wordpress.org/browser/plugin-security-scanner/),
[SVN deposuna](https://plugins.svn.wordpress.org/plugin-security-scanner/) göz atın
ya da [RSS](https://plugins.trac.wordpress.org/log/plugin-security-scanner/?limit=100&mode=stop_on_copy&format=rss)
ile [geliştirme günlüğüne](https://plugins.trac.wordpress.org/log/plugin-security-scanner/)
abone olun.

## Değişiklik Kaydı

#### 2.0.2

 * Clarified 403 error

#### 2.0.1

 * Clarified error message in daily email

#### 2.0.0

 * Use WPScan Vulnerability Database API V3
 * Important notice: to use this plugin, you now need to register a user and get
   an API token from https://wpvulndb.com/users/sign_up
 * Improved error handling

#### 1.6.0

 * Moved settings to dedicated page
 * Added option to ignore unpatched issues

#### 1.5.2

 * Fix: Allow scanning if you are running WordPress nightly or release candidates

#### 1.5.1

 * Added option to ignore ‘WordPress 2.3-4.8.3 – Host Header Injection in Password
   Reset’ vulnerability

#### 1.5.0

 * Checks vulnerabilities in WordPress core files
 * Added ability to send an HTTP request when vulnerabilities are found (webhook)

#### 1.4.1

 * Fix issue with theme version checking

#### 1.4

 * Themes as well as plugins are now scanned for vulnerabilities

#### 1.3.1

 * Added check to make sure the WPVulnDb API has returned a valid response

#### 1.3

 * Added option under “Settings / General / Plugin Security Scanner” to disable 
   the email notification

#### 1.2.1

 * Moved to WPScan Vulnerability Database API v2

#### 1.2.0

 * Added i18n support

#### 1.1.9

 * Fix: Removed unecessary ob_flush calls
 * Fix: If vulnerability does not have a “fixed in” version number, report it as
   a vulnerability

#### 1.1.8

 * Fix: corrected links to WPScan Vulnerability Database

#### 1.1.7

 * Add link to WPScan Vulnerability Database details page

#### 1.1.6

 * Conditionally include plugin.php include in case it is not already included

#### 1.1.5

 * Escape output in HTML report to prevent XSS

#### 1.1.4

 * Added blog title to email subject

#### 1.1.3

 * Fixed bug that prevented admin email being sent

#### 1.1

 * Email admin daily if any vulnerabilities are found

#### 1.0

 * İlk sürüm

## Meta

 *  Sürüm **2.0.2**
 *  Son güncelleme **7 yıl önce**
 *  Etkin kurulumlar **800+**
 *  Test edilen sürüm **5.2.24**
 *  Dil
 * [English (US)](https://wordpress.org/plugins/plugin-security-scanner/)
 * Etiketler
 * [plugins](https://tr.wordpress.org/plugins/tags/plugins/)[scanner](https://tr.wordpress.org/plugins/tags/scanner/)
   [secure](https://tr.wordpress.org/plugins/tags/secure/)[security](https://tr.wordpress.org/plugins/tags/security/)
   [vulnerabilities](https://tr.wordpress.org/plugins/tags/vulnerabilities/)
 *  [Gelişmiş görünüm](https://tr.wordpress.org/plugins/plugin-security-scanner/advanced/)

## Puanlar

 5 üzerinden 4.9 yıldız.

 *  [  6 5 yıldızlı inceleme     ](https://wordpress.org/support/plugin/plugin-security-scanner/reviews/?filter=5)
 *  [  1 4 yıldızlı inceleme     ](https://wordpress.org/support/plugin/plugin-security-scanner/reviews/?filter=4)
 *  [  0 3 yıldızlı inceleme     ](https://wordpress.org/support/plugin/plugin-security-scanner/reviews/?filter=3)
 *  [  0 2 yıldızlı inceleme     ](https://wordpress.org/support/plugin/plugin-security-scanner/reviews/?filter=2)
 *  [  0 1 yıldızlı inceleme     ](https://wordpress.org/support/plugin/plugin-security-scanner/reviews/?filter=1)

[Your review](https://wordpress.org/support/plugin/plugin-security-scanner/reviews/#new-post)

[Tüm değerlendirmeleri görün](https://wordpress.org/support/plugin/plugin-security-scanner/reviews/)

## Katkıda bulunanlar

 *   [ Glen Scott ](https://profiles.wordpress.org/glen_scott/)

## Destek

Söyleyeceğiniz bir şey mi var? Yardım mı lazım?

 [Destek forumunu görüntüle](https://wordpress.org/support/plugin/plugin-security-scanner/)