Site Information
WordPress Version: 6.1.1 ⚠️ VULNERABLE
Theme: newsphere (used by 769 domains)
Last Checked: 2026-07-01 10:26:45
HTTPS: ✅ Yes
Plugins (15)
| Plugin | Used By |
|---|---|
| addthis | 9,293 |
| blockspare | 1,660 |
| dearpdf-lite | 1,324 |
| email-subscribers | 12,121 |
| mx-time-zone-clocks | 340 |
| news-ticker-benaceur | 225 |
| post-slider-and-carousel | 2,759 |
| quick-chat | 119 |
| siteorigin-panels | 58,504 |
| social-media-buttons-toolbar | 2,654 |
| very-simple-contact-form | 1,399 |
| video-embed-thumbnail-generator | 3,188 |
| wp-rss-retriever | 2,035 |
| wp-trending-post-slider-and-widget | 560 |
| wptelegram-widget | 880 |
Security Headers
F
Grade F
6 missing headers
Missing Headers:
- Strict-Transport-Security (HSTS) — Forces HTTPS connections ?
- Content-Security-Policy (CSP) — Prevents XSS attacks ?
- X-Content-Type-Options — Prevents MIME sniffing ?
- X-Frame-Options — Prevents clickjacking ?
- Referrer-Policy — Controls referrer information ?
- Permissions-Policy — Limits browser features ?
Exposed Files & Configurations
This domain has publicly accessible security-sensitive files or configurations:
- Vulnerable WordPress Version (6.1.1) — CVE-2024-4439: Unauthenticated Stored XSS. Update to 6.5.2 or later immediately.
Need help securing your WordPress site? Contact us for a professional security audit.