WordPress Version: 6.9.4 ✓
Theme: haaken (used by 60 domains)
Last Checked: 2026-03-31 03:20:44
HTTPS: ✅ Yes
Plugins (26)
| Plugin | Used By |
|---|---|
| advanced-product-labels-for-woocommerce | 6,032 |
| bookly-responsive-appointment-booking-tool | 23,732 |
| brands-for-woocommerce | 1,929 |
| complianz-gdpr | 454,696 |
| contact-form-7 | 4,156,276 |
| custom-twitter-feeds | 73,882 |
| duracelltomi-google-tag-manager | 176,195 |
| elementor | 5,059,632 |
| facebook-for-woocommerce | 2,008 |
| flexible-shipping | 49,151 |
| google-listings-and-ads | 64,928 |
| google-site-kit | 507,696 |
| haaken-core | 82 |
| haaken-membership | 69 |
| jetpack | 610,764 |
| newsletter | 109,414 |
| qi-addons-for-elementor | 87,201 |
| qode-quick-view-for-woocommerce | 2,731 |
| qode-wishlist-for-woocommerce | 2,970 |
| woo-discount-rules | 41,815 |
| woo-variation-swatches | 109,484 |
| woocommerce | 2,474,882 |
| woocommerce-payments | 40,771 |
| woocommerce-products-filter | 33,037 |
| wp-consent-api | 99,950 |
| wt-smart-coupons-for-woocommerce | 13,484 |
Security Headers
5 missing headers
Missing Headers:
-
🔒
Strict-Transport-Security
Forces HTTPS connections, preventing downgrade attacks
Add header: Strict-Transport-Security: max-age=31536000; includeSubDomains -
📄
X-Content-Type-Options
Prevents MIME type sniffing attacks
Add header: X-Content-Type-Options: nosniff -
🖼️
X-Frame-Options
Prevents clickjacking by controlling iframe embedding
Add header: X-Frame-Options: DENY -
🔗
Referrer-Policy
Controls how much referrer information is shared
Add header: Referrer-Policy: strict-origin-when-cross-origin -
⚙️
Permissions-Policy
Controls browser features like camera, microphone access
Add header: Permissions-Policy: geolocation=(), microphone=(), camera=()
✅ No Immediate Security Risks Found
Our automated scan did not detect any of the most common publicly-accessible vulnerabilities on this domain.
However, this doesn't mean the site is completely secure. There are many other potential vulnerabilities that require deeper analysis:
- Outdated WordPress core, themes, or plugins
- Weak passwords and authentication
- Missing security headers
- SQL injection vulnerabilities
- Cross-site scripting (XSS) issues
- Insecure server configurations
Questions about your WordPress security? Reach out — we offer comprehensive security audits and can help identify hidden vulnerabilities.