How to Check WordPress Plugins and Themes for Vulnerabilities
Premium Care Plan users
Our monthly website support plans, called “Care Plans” offer you peace of mind that every month we will update your website, monitor its uptime and security, tweak its performance issues, and respond to requests from you and your team to improve or help you fix unforeseen and timely issues.
Vulnerable plugins and themes are the leading causes of WordPress compromises.
To ensure the security of your website's code, you should use a web-application firewall WAF . Then, use as few plugins as possible that are well known and highly rated from trusted sources, such as the WordPress plugin repository.
The same guidelines can be applied to using themes with your site.
If you are unsure of the status for a WordPress theme or plugin, Sucuri offers an easy-to-use database listing all of the known vulnerabilities throughout WordPress.
Simply visit https://wpvulndb.com and either browse or search for the plugin or theme you're interested in. Sucuri's WPScan Vulnerability Database will then list any known vulnerabilities and the fixes that have been applied.