Projects in Awesome Lists tagged with wordpress-security
A curated list of projects in awesome lists tagged with wordpress-security .
https://github.com/olacabs/jackhammer
Jackhammer - One Security vulnerability assessment/management tool to solve all the security team problems.
application-security dynamic-analysis mobile-security network-security penetration-testing penetration-testing-framework security security-scanner security-vulnerability-assessment source-code-analysis static-code-analysis vulnerability-assessment vulnerability-management vulnerability-scanners vulnerability-scanning webappsec wordpress-security
Last synced: 05 Feb 2026
https://github.com/swisskyrepo/wordpresscan
WPScan rewritten in Python + some WPSeku ideas
hacktoberfest python vulnerabilities vulnerability-scanners wordpress wordpress-plugin wordpress-scanner wordpress-security wordpress-theme wpscan
Last synced: 02 Apr 2025
https://github.com/swisskyrepo/Wordpresscan
WPScan rewritten in Python + some WPSeku ideas
hacktoberfest python vulnerabilities vulnerability-scanners wordpress wordpress-plugin wordpress-scanner wordpress-security wordpress-theme wpscan
Last synced: 27 Mar 2025
https://github.com/szepeviktor/waf4wordpress
WAF for WordPress đĨ with 60+ security checks and weekly updates
fail2ban firewall plugin security waf wordpress wordpress-security
Last synced: 08 Apr 2025
https://github.com/umutphp/wp-vulnerability-check
A command line took to check the WPScan Vulnerability Database via API to identify the security issues of WordPress plugins installed.
continuous-integration hacktoberfest security vulnerability-checker wordpress wordpress-plugin wordpress-security wordpress-security-scanner
Last synced: 23 Apr 2025
https://github.com/dknauss/wp-sudo
Sudo for WordPress! đĨĒ Risky actions â activating plugins, deleting users, changing key settings â are gated by a required reauthentication step, regardless of user role. Time-bounded sessions, 2FA support, rate limiting, and configurable policies for REST, WP-CLI, Cron, WPGraphQL, & XML-RPC. No role escalation, no new permissions â just a gate. âŠī¸
access-control principle-of-least-privilege sudo wordpress-admin-backend wordpress-admin-panel wordpress-administrators wordpress-auth wordpress-cron wordpress-multisite-compatible wordpress-plugins wordpress-rest-api wordpress-security wordpress-security-plugin wordpress-users wordpress-xmlrpc wp-cli wpgraphql zero-trust
Last synced: 08 Mar 2026
https://github.com/frankiejarrett/prevent-concurrent-logins
Prevents users from being logged into the same WordPress site from multiple places.
membership wordpress wordpress-plugin wordpress-security
Last synced: 17 Dec 2025
https://github.com/jurerotar/wordpress-security-and-performance
Apache configuration and useful functions for more secure and performant Wordpress sites.
apache htaccess php security wordpress wordpress-development wordpress-security wp
Last synced: 23 Apr 2025
https://github.com/centminmod/centminmod-fail2ban
fail2ban setup for centminmod.com LEMP stack with CSF Firewall
bots-protection centminmod centos cloudflare csf fail2ban fail2ban-filter nginx nginx-fail2ban wordpress wordpress-security
Last synced: 23 Mar 2025
https://github.com/volkansah/wordpress-security-scanner-advanced-use
Advanced use of WPScan (WordPress Security Scanner) with other tools like nmap, nikto, owasp-zap, ids for ethnical Hackers
intrusion-detection-system nikto nmap owasp-zap penetration-testing pentesting redteam redteam-tools security security-audit security-automation security-tools vulnerability-scanners wordpress wordpress-security wordpress-security-scanner wpscan wpscanner
Last synced: 05 Jul 2025
https://github.com/frankiejarrett/expire-passwords
Require certain users to change their passwords on a regular basis.
wordpress wordpress-plugin wordpress-security
Last synced: 08 Jul 2025
https://github.com/chesio/bc-security
Helps keeping WordPress websites secure.
wordpress wordpress-plugin wordpress-security
Last synced: 21 Jan 2026
https://github.com/enginescript/enginescript
EngineScript is a super fast WordPress server built on Ubuntu and optimized for Cloudflare and Digital Ocean
cloudflare digital-ocean digitalocean linux-server linux-server-auto-install mariadb nginx nginx-auto-cofiguration nginx-configuration php83 sensei sensei-lms server-automation ubuntu wordfence wordpress wordpress-autoinstall wordpress-performance wordpress-security wordpress-site
Last synced: 03 Jul 2025
https://github.com/password123456/setup-wordpress-with-security-best-practice
wordpress security best practice
hardening-wordpress securing-wordpress wordpress wordpress-best-practice wordpress-development wordpress-guide wordpress-hardening wordpress-security wordpress-settings wordpress-setup wordpress-site
Last synced: 24 Oct 2025
https://github.com/littlebizzy/security-guard
Super easy security for WordPress
wordpress wordpress-plugin wordpress-security
Last synced: 07 May 2025
https://github.com/tinaponting/protect-wordpress
Protect wordpress with .htacess for paranoid bloggers
cybersecurity htaccess htaccess-security htaccess-snippets protect security skydda-wordpress speed web-security wordpress wordpress-security
Last synced: 28 Apr 2025
https://github.com/entr0pie/wp-multi-bruteforce
Script for bruteforcing multiple Wordpress Users (XMLRPC)
brute-force brute-force-attacks bruteforce-wordlist bruteforcing wordpress wordpress-api wordpress-security wordpress-site xml xmlrpc xmlrpc-bruteforcer
Last synced: 26 Oct 2025
https://github.com/ayesh/wordpress-password-hash
Wordpress plugin to change its password hashing mechanism with PHP native password_* set of functions.
bcrypt php-bcrypt wordpress wordpress-plugin wordpress-security
Last synced: 19 Apr 2025
https://github.com/jazz-man/wp-performance
The main task of this plugin is to increase the security of the site and improve the performance of the site by disabling completely unnecessary hooks and also optimizing SQL queries
wordpress wordpress-muplugin wordpress-performance wordpress-security
Last synced: 24 Apr 2025
https://github.com/riotkit-org/wordpress-hardened
Secure and performant Wordpress installation on your Kubernetes cluster
docker docker-compose hardened k8s kubernetes multirun nginx nonroot-user openshift p2cli rootless-containers supervisord waf web-application-firewall wordpress wordpress-automation wordpress-kubernetes wordpress-security wordpress-updater
Last synced: 16 Jun 2025
https://github.com/joho1968/cloudbridge-mattermost
Provides Mattermost 5-9 integration for WordPress 5/6.
mattermost mattermost-bot oauth2 php php74 php81 wordpress wordpress-development wordpress-hardening wordpress-plugin wordpress-security wordpress5 wordpress59 wordpress60 wordpress65
Last synced: 17 Oct 2025
https://github.com/codeconut-ltd/wordpress-plugin-default-config
WordPress plugin with some hardcoded, opinionated defaults for enhanced security and frontend performance. Reduced feature set that might not work with all plugins. Only use if you know what you need.
composer configuration configuration-management default-project opinionated-defaults ph7 php phpcs phpcs-wordpress plugin security security-hardening wordpress wordpress-development wordpress-plugin wordpress-security wordpress-settings
Last synced: 08 Oct 2025
https://github.com/niksmac/wpevalfix
This script will remove the malicious eval() code in Wordpress installation.
php wordpress wordpress-security
Last synced: 16 Dec 2025
https://github.com/riotkit-org/waf-proxy
Web Appliaction Firewall reverse-proxy using Coraza WAF + Caddy with ready-to-use rulesets
caddy cloud-native-security coraza-waf dependabot distroless golang k8s k8s-security kubernetes openshift reverse-proxy riotkit rootless-containers security waf web-application-firewall wordpress wordpress-security
Last synced: 02 Aug 2025
https://github.com/mehulkaklotar/wp-nonce
WordPress Nonce Implementation Object Oriented Way
oop wordpress wordpress-nonce wordpress-security
Last synced: 05 Apr 2025
https://github.com/navytitanium/wordpress-anomaly-detector
Compare the files and folders of the original source code of WordPress against a website
wordpress-scan wordpress-scanner wordpress-security wordpress-site wordpress-website-scanner
Last synced: 03 Feb 2026
https://github.com/oneplc/wp_plc_swissknife
A simple and lightweight plugin to enhance performance, stability and security of wordpress
cookie-law wordpress wordpress-comments wordpress-plugin wordpress-rest-api wordpress-security wordpress-xmlrpc
Last synced: 05 Mar 2026
https://github.com/norcross/scrub-comment-author-ip
Make sure no real IP addresses are stored in WP comments.
wordpress wordpress-plugin wordpress-security
Last synced: 19 Apr 2025
https://github.com/joho1968/fail2wp
WordPress plugin providing security functionality, plays nicely with Fail2ban and Cloudflare. Verified with WordPress 5.5+/6.6.x and PHP 7.4/PHP 8.1.x
cloudflare fail2ban fail2ban-filter php php74 php81 security security-hardening webbplatsen wordpress wordpress-development wordpress-plugin wordpress-security wordpress-security-plugin wordpress5 wordpress55 wordpress6 wordpress66 wordpress67 xmlrpc
Last synced: 09 Apr 2025
https://github.com/dknauss/wordpress-runbook-template
WordPress operations runbook template: production procedures for deployment, maintenance, backup, incident response, and recovery.
incident-response operations runbook sre wordpress wordpress-security
Last synced: 01 Apr 2026
https://github.com/jenderal92/cve-2024-8856
This tool scans WordPress websites for vulnerabilities in the WP Time Capsule plugin related to CVE-2024-8856. It identifies plugin versions below 1.22.22 as vulnerable and logs results to vuln.txt. Simple and efficient, it helps security researchers and admins detect and address risks quickly.
cve-2024-8856 cve-scanner plugin-vulnerability security-tools vulnerability wordpress wordpress-plugin-scanner wordpress-security wp-time-capsule
Last synced: 27 Feb 2026
https://github.com/itcssec/proactivesecuritysuite
This powerful plugin offers advanced security features including automatic IP blocking, an advanced rule builder, traffic analysis, and seamless integration with services like Cloudflare, AbuseIPDB, Whatismybrowser.com, and now IPData.
cloudflare wordfence wordpress wordpress-plugin wordpress-security
Last synced: 10 Oct 2025
https://github.com/typisttech/wordfence-api
Fetch WordPress vulnerability information from Wordfence vulnerability data feed.
wordfence wordpress wordpress-security
Last synced: 11 Feb 2026
https://github.com/ero-hack/wp-ateck
With this program you can penetrate WordPress sites.
cms j joomla scanner web-attack web-attacks web-scanner web-scanners wordpress wordpress-security wordpress-site
Last synced: 30 Jan 2026
https://github.com/jenderal92/cve-2024-10508
This tool scans WordPress sites for vulnerabilities in the "RegistrationMagic" plugin (CVE-2024-10508). It checks for the presence of a specific version (`6.0.2.6`) and marks the site as vulnerable if found. The results are saved in a file (`vuln.txt`) for further analysis.
cve-2024-10508 cve-scanner plugin-security python registrationmagic security-tools vulnerability vulnerability-detection vulnerability-scanner wordpress wordpress-security
Last synced: 28 Jan 2026
https://github.com/devidw/wp-hard
A modern approach to hardening WordPress: A WordPress hardening plugin.
harden hardened hardening hardening-steps security web-security wordpress wordpress-mu-plugin wordpress-muplugin wordpress-must-use-plugin wordpress-plugin wordpress-security wp wp-mu-plugin wp-plugin
Last synced: 24 Aug 2025
https://github.com/ihuzaifashoukat/wordpress-vulnerability-database
#1 Open WordPress vulnerability database tracking 27,000+ issues (plugins, themes, core). Updated On Daily Basis. Formats: SQLite, CSV, Excel.
ethical-hacking security vulnerbility vulnerbility-analysis vulnerbility-research web-vulnerabilities website website-security wordpress wordpress-bugs wordpress-development wordpress-plugin wordpress-security wordpress-site wordpress-theme wordpress-vulnerability wordpress-vulnerability-scanner wordpress-vulnerability-scanning wordpress-vulnerable
Last synced: 10 Oct 2025
https://github.com/codeconut-ltd/wordpress-web-setup-boilerplate
Security-focused structural boilerplate for any WordPress webs. Opinionated features that might not work with any hosting. Only use if you know what you are doing and are comfortable editing server files.
boilerplate-setup composer php php7 phpcs phpcs-wordpress security security-hardening server-configuration template-project template-repository wordpress wordpress-boilerplate wordpress-development wordpress-installation wordpress-security wordpress-server wordpress-settings wordpress-setup wordpress-site
Last synced: 12 Apr 2025
https://github.com/jpkcom/jpkcom-argon2
Enables ARGON2ID for password hashes.
word wordpress-plugin wordpress-security
Last synced: 25 Dec 2025
https://github.com/lucianoscarpaci/project-wp-vs-kali
đ Experience a detailed showcase of exploit discovery, analysis, reproduction, and documentation of five XSS vulnerabilities impacting an outdated WordPress version. đđģđ
ethical-hacking exploit-exercises exploit-research outdated penetration-testing security-assessments security-best-practices threat-modeling web-application-security wordpress-security xss-vulnerability
Last synced: 11 Feb 2026
https://github.com/volkansah/media-upload-only-for-admins-in-wordpress
Protect your WordPress site from malicious infiltrations with this code snippet! Recently, attackers have been attempting to exploit WordPress sites by uploading NFTs containing hate speech and propaganda. By implementing this snippet, you can help safeguard your site from such threats
crime crime-prediction fraud-detection nft nfts prepare-crime rush trademark-rights wordpress wordpress-security wordpress-upload-issue
Last synced: 29 Mar 2025
https://github.com/teckglobal/teckglobal-brute-force-protect
A Wordpress Plugin to Prevent Brute Force Attacks
maxmind maxmind-db maxmind-geoip maxminddb wordpress wordpress-development wordpress-nginx wordpress-php wordpress-plugin wordpress-security wordpress-security-plugin
Last synced: 16 Mar 2025
https://github.com/teckglobal/teckglobal-permissions-checker
A WordPress plugin by Teck Global to check and fix file and folder permissions in the WordPress root directory.
chmod chmod-changes wordpress wordpress-development wordpress-nginx wordpress-plugin wordpress-security
Last synced: 16 Mar 2025
https://github.com/widdix/attachmentav-wordpress
Protect your blog from viruses, trojans, and other kinds of malware. The plugin sends all uploads to the attachmentAV API to scan for malware with Sophos and blocks infected files.
antivirus malware virus wordpress wordpress-plugin wordpress-security
Last synced: 05 Mar 2026
https://github.com/imkkingshuk/wordpressrevsniper
WordPressRevSniper - A Precision Tool for WordPress Revolution Slider Research! Your go-to companion for unraveling the secrets of WordPress Revolution Slider. đĩī¸ââī¸ Uncover potential vulnerabilities with finesse and precision, making security research an art. Aim, shoot, and revolutionize your understanding of WordPress security! đđģ #WordPress
hack-wordpress hacking-tool wordpress wordpress-exploit wordpress-exploit-framework wordpress-exploiter wordpress-hack wordpress-hacking wordpress-plugin wordpress-plugin-api wordpress-security wordpress-vulnerability wordpress-vulnerability-scanner
Last synced: 14 Oct 2025
https://github.com/jazz-man/htaccess
WordPress Firewall
firewall htaccess wordpress wordpress-firewall wordpress-muplugin wordpress-security
Last synced: 29 Jan 2026
https://github.com/timnashcouk/two-factor-enforced
WordPress Plugin that enables Two-Factor Authentication for all newly registered users
wordpress wordpress-plugin wordpress-security
Last synced: 22 Mar 2025
https://github.com/joho1968/cloudbridge-2fa
Uncomplicated 2FA plugin for WordPress
2fa php php7 php8 php80 php81 security wordpress wordpress-plugin wordpress-security wordpress5 wordpress6
Last synced: 16 Mar 2026
https://github.com/ihuzaifashoukat/wpaudit
WPAUDIT: Advanced Python-based WordPress security auditing suite & vulnerability scanner. Automates pentesting with Nmap, WPScan, Nuclei, SQLMap. Comprehensive reports. Ideal for ethical hackers & Kali Linux.
cybersecurity ethical-hacking information-security kali-linux nmap nuclei penetration-testing penetration-tool python security-audit security-automation security-tools sqlmap vulnerbility-analysis vulnerbility-research wordpress wordpress-security wordpress-vulnerability wpscan
Last synced: 04 Apr 2026
https://github.com/rootshelll/k2ll33d-shell
Discover how K2ll33d Shell works, its dangerous capabilities, and essential protection measures to secure your web servers against this sophisticated PHP malware.
hacking-tool k2ll33d-shell php-malware server-protection web-security web-shell-detection wordpress-security
Last synced: 26 Feb 2025
https://github.com/dknauss/wp-security-benchmark
WordPress Full Stack Hardening Benchmark â prescriptive security configuration guidance for WordPress 6.x on LEMP/LAMP.
wordpress-hosting wordpress-security wordpress-server
Last synced: 25 Feb 2026
https://github.com/itcssec/ProActiveSecuritySuite
This powerful plugin offers advanced security features including automatic IP blocking, an advanced rule builder, traffic analysis, and seamless integration with services like Cloudflare, AbuseIPDB, Whatismybrowser.com, and now IPData.
cloudflare wordfence wordpress wordpress-plugin wordpress-security
Last synced: 02 Oct 2025
https://github.com/runthis/site-security-headers
Check your WordPress website for headers that are common for security purposes.
security wordpress wordpress-plugin wordpress-security wordpress-security-plugin
Last synced: 27 Jul 2025
https://github.com/kossisoroyce/the-crusader
"The Crusader" is a powerful Python script that scans web servers and WordPress installations for malware and other types of malicious software. It sends an alert email and text message to the website owner if it finds any issues. This tool helps cybersecurity analysts to protect their web assets and prevent cyber attacks.
cpanel cpanel-servers malware malware-detection servers web-server wordpress wordpress-malware wordpress-security
Last synced: 16 Jul 2025
https://github.com/lebtoki/securewp-firewall
SecureWP Firewall is your go-to solution for enhancing the security posture of your WordPress site, providing a multi-layered defense against cyber threats.
wordpress wordpress-plugin wordpress-security wordpress-security-plugin
Last synced: 16 Jun 2025
https://github.com/jpkcom/jpkcom-enable-block-editor
Enables the Block Editor for Admin (User ID:1).
gutenberg-blocks wordpress wordpress-development wordpress-plugin wordpress-security
Last synced: 25 Jul 2025