Site Information
WordPress Version: 6.4.8 ⚠️ VULNERABLE
Theme: dealsdot (used by 8 domains)
Last Checked: 2026-06-09 08:25:47
HTTPS: ✅ Yes
Plugins (21)
| Plugin | Used By |
|---|---|
| contact-form-7 | 1,766,500 |
| directorist | 2,808 |
| dt_woocommerce_page_builder | 486 |
| gtranslate | 127,649 |
| js_composer | 431,466 |
| leco-client-portal | 128 |
| mailchimp-for-wp | 83,583 |
| popup-maker | 115,816 |
| revslider | 616,475 |
| searchwp-live-ajax-search | 13,649 |
| ti-woocommerce-wishlist | 10,487 |
| ultimate-member | 29,628 |
| ultimate-woocommerce-auction | 318 |
| user-registration | 4,108 |
| woo-variation-swatches | 32,067 |
| woocommerce | 815,025 |
| woocommerce-currency-switcher | 5,702 |
| woocommerce-gateway-stripe | 82,976 |
| woocustomizer | 3,103 |
| wp-user-frontend-pro | 761 |
| yith-woocommerce-compare | 11,266 |
Security Headers
F
Grade F
5 missing headers
Exposed Files & Configurations
This domain has publicly accessible security-sensitive files or configurations:
- Vulnerable WordPress Version (6.4.8) — CVE-2024-4439: Unauthenticated Stored XSS. Update to 6.5.2 or later immediately.
- User enumeration exposed — Usernames are publicly discoverable via the REST API or author archives, aiding brute-force attacks ?
Need help securing your WordPress site? Contact us for a professional security audit.