Site Information
WordPress Version: 5.5.18 ⚠️ VULNERABLE
Theme: lalita (used by 351 domains)
Last Checked: 2026-07-03 14:52:25
HTTPS: ✅ Yes
Plugins (7)
| Plugin | Used By |
|---|---|
| atomic-blocks | 4,731 |
| buttonizer-multifunctional-button-premium | 576 |
| getwid | 9,256 |
| mobile-menu | 12,547 |
| modern-events-calendar-lite | 14,318 |
| publishpress-authors | 987 |
| streamcast | 191 |
Security Headers
F
Grade F
5 missing headers
Exposed Files & Configurations
This domain has publicly accessible security-sensitive files or configurations:
- Vulnerable WordPress Version (5.5.18) — CVE-2024-4439: Unauthenticated Stored XSS. Update to 6.5.2 or later immediately.
- User enumeration exposed — Usernames are publicly discoverable via the REST API or author archives, aiding brute-force attacks ?
Need help securing your WordPress site? Contact us for a professional security audit.