Site Information
WordPress Version: 6.9.4 ✓
Theme: astra (used by 430,182 domains)
Last Checked: 2026-07-02 19:05:41
HTTPS: ✅ Yes
Plugins (25)
| Plugin | Used By |
|---|---|
| astra-addon | 95,945 |
| burst-statistics | 42,841 |
| click-to-chat-for-whatsapp | 62,899 |
| complianz-gdpr-premium | 36,745 |
| duracelltomi-google-tag-manager | 92,122 |
| elementor | 1,797,891 |
| elementor-pro | 1,060,917 |
| facebook-for-woocommerce | 23,844 |
| jet-blog | 16,132 |
| jet-compare-wishlist | 1,546 |
| jet-elements | 66,839 |
| jet-search | 15,707 |
| jet-tabs | 32,372 |
| jet-woo-builder | 11,049 |
| notificationx | 1,202 |
| pixelyoursite | 76,608 |
| presto-player | 9,875 |
| reviews-feed-pro | 3,217 |
| trustpilot-reviews | 6,551 |
| woo-discount-rules | 18,075 |
| woo-mailerlite | 2,793 |
| woo-variation-swatches | 32,457 |
| woocommerce | 822,257 |
| woocommerce-back-in-stock-notifications | 1,490 |
| woocommerce-gift-cards | 3,306 |
Security Headers
B
Grade B
1 missing header
Missing Headers:
- Content-Security-Policy (CSP) — Prevents XSS attacks ?
Exposed Files & Configurations
This domain has publicly accessible security-sensitive files or configurations:
- User enumeration exposed — Usernames are publicly discoverable via the REST API or author archives, aiding brute-force attacks ?
Need help securing your WordPress site? Contact us for a professional security audit.